Panera Bread week-long IT outage caused by ransomware attack


Panera Bread’s recent week-long outage was caused by a ransomware attack, according to people familiar with the matter and emails seen by BleepingComputer.

BleepingComputer has learned that a ransomware attack encrypted many of the company’s virtual machines, preventing access to data and applications. The company has since restored some of its systems from backups.

It is unclear which ransomware group is responsible for the attack, as none have claimed responsibility yet. This suggests that the attackers are either waiting for a ransom payment or have already received one.

Panera has not responded to multiple requests for comments about the outage and the attack.

However, numerous Panera employees told BleepingComputer that the company has not shared any information, and they are concerned with the company’s lack of transparency and whether their data was stolen in the attack.

Panera Bread suffered the massive outage on March 22, impacting its internal IT systems, phones, point of sales system, website, and mobile apps. As systems were down, employees could not access their shift details and had to contact managers to learn when to come to work.

Panera Bread website outage
Panera Bread website outage
Source: BleepingComputer

During the outage, stores were unable to process electronic payments and had to accept cash only. Additionally, the reward program systems were down, preventing members from redeeming their points.

Panera Sip Club members were particularly frustrated because they could not take advantage of the unlimited drinks they had paid $14.99 per month for as part of their subscription.

As of January 23, 2024, the company and its franchises owned 2,160 cafes under the names Panera Bread or Saint Louis Bread Co. These cafes are spread across 48 states in the U.S. and Ontario, Canada.

For the past week, Omni Hotels has also been dealing with a massive IT outage, causing reservation problems, two-hour check-in lines, and hotel employees having to let guests into rooms with master keycards as the door lock systems were down.

Omni disclosed yesterday that they suffered a cyberattack without elaborating on the type of attack. However, BleepingComputer has learned they also suffered a ransomware attack leading to the outages.



Source link