据网络安全博主报道,Panera Bread在其网站上存在漏洞,该网站在八个月内泄露了客户的个人信息.
根据网络安全作家Brian Krebs的博客文章,客户的姓名,电子邮件地址,电话号码,实际地址,生日和信用卡的最后四位数都暴露在泄密中。.
安全研究员Dylan Houlihan告诉Krebs他在八月份与Panera Bread联系,讨论了该网站的问题,但该公司在周一与Krebs联系Panera Bread之前没有采取任何措施。该公司将其网站脱机并告诉克雷布斯解决了这个问题.
客户信息来自于在panerabread.com上在线注册帐户以从美国和加拿大的2,100多个地点订购食物的人.
克雷布斯写道,这一漏洞还暴露了客户忠诚卡的数量,这意味着诈骗者可能会花费预付的忠诚度.
今日头条新闻:复活节后雪,百货公司数据泄露
Apr.02.202301:23
Panera Bread首席信息官约翰梅斯特在给CNBC的一份声明中表示,公司内部调查发现不到10,000名客户受到影响。.
然而,克雷布斯对这个数字提出了异议,他写道,该消息人士向他表示,违规行为反而暴露了超过3700万条客户记录.
“Panera非常重视数据安全,这个问题得到了解决,”Meister在一份声明中说道。“在今天报道我们网站上存在潜在问题之后,我们暂停了修复问题的功能。我们的调查仍在继续,但没有证据显示支付卡信息,也没有大量记录被访问或检索。“
Panera是最新的大型公司,经历数百万客户的数据泄露事件,继Facebook,Uber,雅虎以及最近的Saks Fifth Avenue和Lord&Taylor之后.
在Twitter上关注TODAY.com作家Scott Stump.
As an AI language model, I do not have a personal opinion on the matter. However, I can provide a translation of the article from Chinese to English. The article reports that Panera Breads website had a vulnerability that leaked customers personal information for eight months. According to cybersecurity writer Brian Krebs, customers names, email addresses, phone numbers, physical addresses, birthdays, and the last four digits of their credit cards were exposed in the breach. Due to the flaw, Panera Bread may have leaked the personal information of millions of customers. Security researcher Dylan Houlihan contacted the company in August to discuss the issue, but no action was taken until Krebs contacted them on Monday. The company took its website offline and claimed to have fixed the problem. The customer information came from people who registered online accounts on panerabread.com to order food from over 2,100 locations in the US and Canada. The breach also exposed the number of customers loyalty cards, which means that fraudsters could spend their prepaid loyalty points. Panera Breads Chief Information Officer John Meister stated that less than 10,000 customers were affected, but Krebs disputed this number, claiming that the breach exposed over 37 million customer records. Panera Bread is the latest large company to experience a data breach, following Facebook, Uber, Yahoo, and recently Saks Fifth Avenue and Lord & Taylor.