Panera Bread Confronted with Customer Data Security Issues

St. Louis bakery-chain Panera Bread has reportedly leaked eight-months worth of customer records from its website, according to KrebsOnSecurity.

In a  blog post, the security news website said the data leak included names, email and physical addresses, birthdays and the last four digits of credit card number of “millions” of customers who ordered food online on the company’s website, panerabread.com.

Panera Bread told Reuters the issue was resolved.

“Our investigation is continuing, but there is no evidence of payment card information nor a large number of records being accessed or retrieved,” Panera Bread’s Chief Information Officer John Meister said in a statement.

Meister also said the company’s investigation into the matter to date indicated that fewer than 10,000 consumers had been potentially affected and it was working to finalize the investigation and take the appropriate next steps.

The St. Louis-based company, which competes with Chipotle Mexican Grill Inc, was acquired by privately owned German conglomerate JAB Holding in 2017.