Leaks and breaches

There were a few, so I'm grouping them here:

  • 150 million MyFitnessPal accounts have been compromised. Most passwords were hashed with bcrypt, but unfortunately some were hashed with SHA-1. The company does get kudos for a quick and clear disclosure process: link
  • Panera Bread, a food chain with over 2000 stores, gets less kudos for having all their customer names, physical addresses and four digits of their credit cards exposed on their website for eight months before fixing it: link
  • The US retail stores Saks and Lord & Taylor reported that 5 million credit card records were stolen: link
Dieter Van der Stock