How many Panera Bread customer records were compromised in the recent breach?

Over 14 million customer records were stolen in the recent Panera Bread data breach.

What kind of personal information was stolen from Panera Bread customers?

The stolen data includes customers' names, email addresses, phone numbers, home addresses, and account details.

How did the ShinyHunters group breach Panera Bread's system?

The breach reportedly occurred by exploiting a vulnerability in a Microsoft Entra single-sign-on (SSO) code.

Home / Crime and Justice / Panera Bread Breach: 14M Records Stolen

Panera Bread Breach: 14M Records Stolen

31 Jan

•

Summary

Over 14 million customer records were stolen by ShinyHunters.
Stolen data includes names, emails, phone numbers, and addresses.
The breach was reportedly due to compromised Microsoft Entra SSO credentials.

ShinyHunters, a known hacking group, has claimed responsibility for a massive data breach affecting Panera Bread customers. The cyberattack resulted in the theft of over 14 million customer records, including sensitive personal information such as names, email addresses, phone numbers, home addresses, and account details.

Panera Bread has confirmed the incident, describing the compromised data as contact information. The company has alerted law enforcement and is taking measures to address the security lapse. Cybersecurity experts warn that the exposed Personally Identifiable Information (PII) poses a significant risk of identity theft and social engineering attacks on the dark web.

The breach was allegedly facilitated by exploiting a weakness in Microsoft Entra's single-sign-on (SSO) code. This incident echoes recent warnings from Okta regarding sophisticated voice phishing campaigns targeting SSO platforms, where attackers impersonate IT support to steal user credentials.