Security News Hackers Leak 5.1 Million Panera Bread Records

Miravi

Miravi

Level 9
Thread author
Verified
Well-known
Aug 31, 2024
423
3,015
768
USA
Content source
https://www.securityweek.com/hackers-leak-5-1-million-panera-bread-accounts/
Data allegedly pertaining to over 5 million Panera Bread customers has emerged online after hackers failed to extort the US bakery-cafe chain.

The ShinyHunters extortion group has claimed the theft of roughly 14 million records from Panera Bread, after compromising a Microsoft Entra single-sign-on (SSO) code.

The attack falls in line with recent ShinyHunters attacks that rely on voice phishing (vishing) and SSO authentication to access victim organizations’ cloud-based software-as-a-service (SaaS) environments.

Last week, ShinyHunters published on its Tor-based leak site a 760GB archive allegedly containing the sensitive information stolen from Panera Bread.

According to the data breach notification site Have I Been Pwned, the data was leaked after the hackers failed to extort the food chain.

The archive includes 5.1 million unique email addresses and likely impacts as many Panera customers. Associated information such as names, addresses and phone numbers was also present in the leak.

While it has not responded to a SecurityWeek inquiry on the incident, Panera Bread has confirmed the intrusion, telling Reuters that the hackers stole “contact information”.

“From a defender’s perspective, 5.1 million compromised accounts still represents a massive downstream risk for credential stuffing, phishing, and identity-based attacks well beyond Panera itself,” SOCRadar CISO Ensar Seker said.

ShinyHunters-branded extortion attacks have been escalating recently, with recent reports suggesting the group was setting up to hit over 100 organizations across multiple sectors. Betterment, Crunchbase, and SoundCloud have confirmed the intrusions.
Click to expand...
www.securityweek.com

Hackers Leak 5.1 Million Panera Bread Records

The ShinyHunters extortion group has leaked 14 million records allegedly stolen from US bakery-cafe chain Panera Bread.
www.securityweek.com www.securityweek.com
 
  • Like
Reactions: lokamoka820, Brownie2019, simmerskool and 4 others
ShinyHunters tried to extort Panera Bread and ended up leaking millions of accounts… what started as coffee with a croissant turned into an all‑you‑can‑eat buffet for credential stuffing ☕🥐. In the end, the philosophy of the cybercriminal isn’t that different from the baker’s: both wake up early, both work with dough… only one bakes bread while the other bakes leaks.
 
  • Like
  • HaHa
  • Wow
Reactions: lokamoka820, Brownie2019, simmerskool and 3 others

You may also like...