I think they need to use their loaf and sort it
The crusty is the nearest thing that we have to a bread icon -->
The website for restaurant chain Panera Bread has made the personal information for customers' online accounts available for takeout since August last year, according to security researcher Dylan Houlihan. The all-your-can-eat menu on its website offered online account holders' full names, home addresses, email addresses, …
"eight months after initially alerting the bread biz, Houlihan finally managed to get the culinary company to close its data buffet on Monday by publishing evidence of his findings on Pastebin and alerting the media."
Experience is a dear teacher but there are those who will learn by no other.
Houlihan is right - this incident is really indicative of a general trend across all businesses that deal with personal data.
The only way I can see this situation changing is if there is a financial incentive: avoiding crippling fines.
No publicly-accessible platform is completely secure and nearly anything can be breached by a dedicated, technically-advanced and well funded adversary. That being the case, however, the vast majority of breaches that occur need nowhere near that level of backing and, far too often, are laughably easy.
In such cases, the negligence is nearly willful and needs to be punished as such.
this incident is really indicative of a general trend across all businesses that deal with personal data.
There were several studies, some dating back as early as 2010, that it is still CHEAPER for a company to get hacked/breached than to do any action, i. e. improve IT security, inform users that their details have been stolen, pay for customer's credit card information be "monitored".
When US banks were told that they should be issuing PIN-based credit cards (vs swipe and sign), the banks refused because they don't want to be responsible of upgrading the merchant facilities because the banks don't want to PAY for it.
At the end of the day, we're going to be seeing more of these.