The American chain of bakery-café PaneraBread web leaked customers info by mistake. Leaked data was exposed at least for 8 months.
The data was available in plain text and them contains info for any customer who has signed up for an account to do online order. The information that could be obtained was the email addresses of the users, their personal data, physical address and the last 4 digits of their credit cards.
The security researcher Dylan Houlihan, who discovered the incident, reported on August 2017 to the affected company the data were leaked.