-
14M employee and customer records leaked and a cyber cartel, ShinyHunters, claim to be behind the attack.
-
The hack that hit Panera Bread revealed the credentials of its users including full names, phone numbers, emails, residential addresses, as well as dates of birth.
-
Everyone whose detail is exposed could face issues like ID theft, fraud account creation, as well as planned social engineering attacks.
An American restaurant chain, Panera Bread, was hit by a cyber attack, which is set to affect millions of its employees and customers. Amid the worries, a notorious group, ShinyHunters, is boasting about being behind this attack.
Their post on a dark web space showed them raising their shoulders about access to approximately 14,000,000 records of personally identifiable credentials.
What Information Was Stolen?
The American restaurant has more than 2,000 locations all over the United States as well as Canada. It handles roughly $6.5 billion in revenue and has up to 140,000 people working for it. Following the hack incident, TorWire reached out to Panera for comment, but we got no response.
Further digging by the research team showed that a data sample from the attackers carried extensive and deeply personal information. These included full legal names of consumers and employees, account usernames, work and personal emails, home addresses, and even birth dates.
The scale of the theft is alarming because it exposes complete identity profiles for millions of people and contributes to a growing global pool of compromised data, following recent massive breaches such as one that exposed 149 million passwords and fueled widespread identity theft fears.
The Real Dangers Facing Victims
Security researchers warn that malicious actors will absolutely weaponize this stolen data. A trending risk today is Identity theft. Bad actors can use these credentials to create fake accounts or file counterfeit tax returns in the names of the victims.
The group has profiled various dangers linked to ID theft. They’ve also provided guidance on protecting yourself from its worst effects.
Another scary threat is social engineering attacks, where bad actors may impersonate the firm directly, using the stolen emails of the employee. They could lure and attack customers with phishing emails to dish out malware or collect even more data.
Today, social engineering is among the most popular internet attacks that many people experience. Fortunately, those exposed to such attacks can defend themselves in multiple ways.
A Pattern of Major Breaches
ShinyHunters isn’t a newbie group. The cartel ranks among the most aggressive groups that specialize in hacking. These kinds of attacks can cause lots of large-scale data breaches and massive data theft, such as last year’s Salesforce CRM data breach, which caused many breaches at hundreds of other companies afterwards.
Well-known global companies and brands were affected, among others, including many high-end brands like Jaguar Land Rover and Gucci & Chanel, as well as many technology companies like Cisco Systems and Google.
Also attracting these types of attacks are large restaurants such as Panera Bread with high-volume customer and employee databases. Just last week, the Everest Ransomware Group claimed that they were behind the data breach of McDonald’s.
Major food chains store millions of personal customer records, making them easy targets for data attacks.
Customers and employees must stay aware of these risks and act diligently: monitor accounts frequently, watch for suspicious activity, and freeze credit if they suspect a compromise. Once again, customer information stored electronically is very vulnerable to data breaches.
