Panera Bread reportedly hit by worrying data breach that sees 14 million records exposed - here's what we know

News
By published

Names, addresses, and more, stolen from Panera Bread

Phishing, E-Mail, Network Security, Computer Hacker, Cloud Computing Cyber Security 3d Illustration
(Image credit: Shutterstock)
  • ShinyHunters stole 14 million Panera Bread customer records via Entra SSO breach
  • Attack linked to Okta-targeted voice phishing campaigns affecting multiple companies
  • Group exfiltrates data without encryption, demanding payment for stolen information

Panera Bread has reportedly suffered a data breach at the hands of the infamous ShinyHunters hackers, with millions of records, affecting countless customers stolen in the attack.

ShinyHunters added Panera Bread, CarMax, and Edmunds, to its data leak site. For the former, 14 million records were nabbed, which included people’s names, email addresses, postal addresses, as well as phone numbers and account details. In total, 760 MB of compressed data was exfiltrated from the systems.

Speaking to The Register, ShinyHunters said they broke into Panera via Microsoft Entra single sign-on (SSO). If that is true, then this incident is likely tied to Okta’s warning from last week, when the company said it saw cybercriminals targeting Okta, Microsoft, and Google SSO codes through a sophisticated voice phishing campaign.

Voice phishing Okta codes

Furthermore, if that really is the case, then Panera Bread, which has thousands of locations around the US and Canada, can be added to a growing list of victims who lost their data this way: Crunchbase, and Betterment. ShinyHunters said both these were breached by voice phishing Okta codes.

So far, none of the victims spoke publicly about the incidents. Betterment was the only one who confirmed the breach, saying its employees fell for a social engineering attack on January 9:

"The unauthorized access involved third-party software platforms that Betterment uses to support our marketing and operations," the company said.

"Once they gained access, the unauthorized individual was able to send a fraudulent, crypto-related message that appeared to come from Betterment to a subset of our customers."

ShinyHunters is one of the most active ransomware groups at this time, and one of the first which has stopped using an encryptor entirely. Instead of encrypting victim systems, it simply exfiltrates data and demands payment for them. It is easier and cheaper to execute yet pays equally well.

Best antivirus software header
The best antivirus for all budgets

➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mobile:
McAfee Mobile Security

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.