Re: [PLUG] Fwd: [FD] Massive Breach in Panera Bread

ronald . guilmet on 3 Apr 2018 15:10:54 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Fwd: [FD] Massive Breach in Panera Bread

From: ronald.guilmet@phillydatasolutions.com
To: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
Subject: Re: [PLUG] Fwd: [FD] Massive Breach in Panera Bread
Date: Tue, 3 Apr 2018 22:10:48 +0000
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=ipm5q3pmeebkfr63v6ybya54hu5jyxfl; d=phillydatasolutions.com; t=1522793448; h=Subject:From:To:Date:Mime-Version:Content-Type:In-Reply-To:References:Message-Id; bh=9DoN4wIP5wKIyz0SPl11Y1B1Utxx9v8idx5/uuFnf9c=; b=URxdpWYILzB4aCdjydTUmIsB9rKcYOtYlc3gdyuLFOMYXGZ/wCCN5TDC7a9RJhej AqiHLFJggOfUoHhpKLHfXsZ5wjp7De743HL0UvlOEiB/wyUOXb7GXqAcSQBJXIJTrhD uYp5JS8/NmZ2T1RLVeBZ7asBrSCUXqLJZfJpqS5k=
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=ug7nbtf4gccmlpwj322ax3p6ow6yfsug; d=amazonses.com; t=1522793448; h=Subject:From:To:Date:Mime-Version:Content-Type:In-Reply-To:References:Message-Id:Feedback-ID; bh=9DoN4wIP5wKIyz0SPl11Y1B1Utxx9v8idx5/uuFnf9c=; b=DtxgdT/U5YGt8Xb5FspTB6h+s3gZxaWidA1y0op/LGrTmAmEwnPWk8N8zq4juT2D U27hVZgs/iUIyBW6isycUFo6g9Y/DFFVRp0XO6iJofPGogD2rvf26ByzuN/Bsf/wu+/ b5fRTFxq+UuZ8qBkRGmwASQnU058wAxy1xEJssU4=
Feedback-id: 1.us-east-1.LF00NED762KFuBsfzrtoqw+Brn/qlF9OYdxWukAhsl8=:AmazonSES
Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
Sender: "plug" <plug-bounces@lists.phillylinux.org>
Thread-index: AQHTy3e4IAUgt7HBSk217o6SCkqJTQABRhsYAAfyvdY=

Title: RE: [PLUG] Fwd: [FD] Massive Breach in Panera Bread

I agree Keith. If you bring it to their attention that tells me a couple of things. Most likely when presented with the problem they did not know how to fix it, or even worse they just didn't care. Many years ago when Commerce bank was around they weren't using POST, so my SSN was being sent via a URL. It was SSL, so maybe that was just me being pedantic. Either way I notified them. I may be jaded, but I don't feel most companies have your security in mind. When pushed against the clock/money, two things will always go by the wayside, and that is documentation and security. Depending on how liquid the company, your security well be last.

Ron Guilmet

Philly Data Solutions, LLC | DBA Philly AWS

ronald.guilmet@phillydatasolutions.com

http://phillydatasolutions.com

-----Original message-----
From: Keith C. Perry
Sent: Tuesday, April 3 2018, 4:07 pm
To: Philadelphia Linux User's Group Discussion List
Subject: Re: [PLUG] Fwd: [FD] Massive Breach in Panera Bread

That's a big deal... this guy did the right thing, kept it quite- just fix it. These folks still did nothing until it went public. They're going to need to start penalizing organizations if they can't demonstrate they took corrective action.

~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
Keith C. Perry, MS E.E.
Managing Member, DAO Technologies LLC
(O) +1.215.525.4165 x2033
(M) +1.215.432.5167
www.daotechnologies.com

From: "Louis K" <louis.kratz@gmail.com>
To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>
Sent: Tuesday, April 3, 2018 2:51:25 PM
Subject: [PLUG] Fwd: [FD] Massive Breach in Panera Bread

Related article on how Panera was informed of this and have done nothing:

https://medium.com/@djhoulihan/no-panera-bread-doesnt-take-security-seriously-bf078027f815

___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
___________________________________________________________________________

Philadelphia Linux Users Group         --        http://www.phillylinux.org

Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce

General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

Follow-Ups:
- Re: [PLUG] Fwd: [FD] Massive Breach in Panera Bread
  - From: "Keith C. Perry" <kperry@daotechnologies.com>
- Re: [PLUG] Fwd: [FD] Massive Breach in Panera Bread
  - From: Thomas Delrue <delrue.thomas@gmail.com>
- Re: [PLUG] Fwd: [FD] Massive Breach in Panera Bread
  - From: Ezra Wolfe <ewolfe@ethosce.com>

References:
- [PLUG] Fwd: [FD] Massive Breach in Panera Bread
  - From: Michael Lazin <microlaser@gmail.com>
- Re: [PLUG] Fwd: [FD] Massive Breach in Panera Bread
  - From: Louis K <louis.kratz@gmail.com>
- Re: [PLUG] Fwd: [FD] Massive Breach in Panera Bread
  - From: "Keith C. Perry" <kperry@daotechnologies.com>

Prev by Date: Re: [PLUG] Fwd: [FD] Massive Breach in Panera Bread
Next by Date: Re: [PLUG] Fwd: [FD] Massive Breach in Panera Bread
Previous by thread: Re: [PLUG] Fwd: [FD] Massive Breach in Panera Bread
Next by thread: Re: [PLUG] Fwd: [FD] Massive Breach in Panera Bread
Index(es):
- Date
- Thread