The cybercriminal group ShinyHunters has asserted that it successfully breached Panera Bread, stealing a substantial amount of data. This incident is part of a broader pattern of attacks targeting multiple companies, including CarMax and Edmunds.
Details of the Breach
ShinyHunters claims to have stolen over 14 million records from Panera Bread, which includes personal information such as names, email and home addresses, phone numbers, and account details, amounting to 760 MB of compressed data. The group also reported similar breaches at CarMax, with over 500,000 records totaling 1.7 GB, and Edmunds, which reportedly had “millions” of records comprising 12 GB of data.
Method of Access
According to ShinyHunters, the breach at Panera was facilitated through a Microsoft Entra single-sign-on (SSO) code. The group indicated that the breaches at CarMax and Edmunds were the result of earlier, unrelated intrusions. A spokesperson from Microsoft stated that they had no additional information to share regarding this incident.
Broader Implications
ShinyHunters’ claims come amid a series of data breaches that have affected various organizations. In a recent blog post, the group detailed that their operations against Crunchbase, SoundCloud, and Betterment resulted in the theft of over 50 million records. They gained access to Crunchbase and Betterment by employing voice-phishing techniques to obtain Okta SSO codes, which involve impersonating IT support to deceive employees into providing their credentials.
Ongoing Threat Landscape
The threat posed by ShinyHunters is part of a larger trend of cybercriminals exploiting vulnerabilities in identity management systems. Security researchers have noted that ShinyHunters is targeting around 100 organizations in a new campaign, indicating a significant and ongoing threat to data security across multiple sectors.
This article was produced by NeonPulse.today using human and AI-assisted editorial processes, based on publicly available information. Content may be edited for clarity and style.
