U.S. doughnut chain Krispy Kreme confirmed that attackers stole the private info of over 160,000 people in a November 2024 cyberattack.
The American multinational coffeehouse chain employed 22,800 folks in 40 nations as of December 2023 and operates 1,521 outlets and 15,800 factors of entry.
It additionally manages 4 “Doughnut Factories” in america and 37 others internationally, and it companions with McDonald’s to have its merchandise offered in hundreds of McDonald’s places worldwide.
This week, in a submitting with Maine’s Workplace of the Legal professional Basic, Krispy Kreme revealed that the November knowledge breach had affected 161,676 people.
“On Could 22, 2025, we decided that sure of your private info was impacted by this incident,” it informed affected people in breach notification letters despatched to impacted folks. “There isn’t any proof that your info has been misused, and we aren’t conscious of any experiences of identification theft or fraud as a direct results of this incident.
Whereas the corporate did not reveal what knowledge was uncovered within the incident, a separate submitting with Massachusetts’ Legal professional Basic discloses that stolen paperwork contained affected people’ social safety numbers, monetary account info, and driver’s license info.
Krispy Kreme detected unauthorized exercise on its IT techniques on November 29 and disclosed the incident, together with disruptions to its on-line ordering, in an SEC submitting filed on December 11.
The corporate additionally took measures to comprise the breach and employed exterior cybersecurity consultants to evaluate the assault’s full affect on its operations.
Breach claimed by Play ransomware
Whereas Krispy Kreme has but to share further particulars concerning the November breach, the Play ransomware gang claimed duty for the assault in late December, saying in addition they stole knowledge from the corporate’s community.
Play ransomware claimed, with out proof, that the allegedly stolen recordsdata comprise “non-public and private confidential knowledge, shopper paperwork, funds, payroll, accounting, contracts, taxes, IDs, finance info,” and extra.
After negotiations with the corporate failed, the ransomware gang launched a number of archives containing lots of of GBs of paperwork on its darkish internet leak website on December 21.
The Play ransomware operation emerged in June 2022, and its operators are identified for stealing delicate knowledge from compromised techniques and utilizing double-extortion techniques to strain victims into paying a ransom beneath the specter of leaking the stolen knowledge on-line.
Notable victims embrace cloud computing firm Rackspace, automotive retailer big Arnold Clark, the Metropolis of Oakland in California, Dallas County, the Belgian metropolis of Antwerp, and, most just lately, American semiconductor provider Microchip Know-how.
In December, the FBI issued a joint advisory with CISA and the Australian Cyber Safety Centre, warning that the Play ransomware gang had breached round 300 organizations globally as of October 2023.
Patching used to imply complicated scripts, lengthy hours, and countless hearth drills. Not anymore.
On this new information, Tines breaks down how trendy IT orgs are leveling up with automation. Patch quicker, scale back overhead, and deal with strategic work — no complicated scripts required.
