Hackers Claim Breach of 14 Million Records From Panera Bread
The threat group ShinyHunters claimed responsibility for the attack on Panera Bread that exposed 14 million customer and employee records.
According to the claims, the attackers gained access by stealing Microsoft Entra single sign-on (SSO) credentials, a technique associated with a wider series of voice phishing attacks that Okta recently warned about. In these attacks, hackers call employees and pretend to be IT support staff, tricking them into entering credentials on fake login pages so that the attackers can capture multi-factor authentication codes in real time.
Panera confirmed the incident to Reuters, stating the compromised data primarily involves contact information.
The threat actors claim to have stolen 760 MB of compressed data from Panera's network. The compromised data includes:
- Full names
- Email addresses
- Postal addresses
- Phone numbers
- Account details
- Dates of birth
The total number of affected individuals and the exact technical details surrounding the Entra SSO bypass have not been disclosed.
Panera Bread has notified authorities and is investigating the full scope of the breach.
Update - as of 31 Jan 2026, HaveIBeenPwned reports that the breach at Panera Bread exposed 14 million records containing 5.1 million unique email addresses plus associated personal information (names, phone numbers, physical addresses).