Krispy Kreme Data Breach Affects 160,000+ Customers
▼ Summary
– Krispy Kreme confirmed a November 2024 cyberattack exposed personal data of over 160,000 individuals, including social security numbers and financial details.
– The company detected unauthorized IT system activity on November 29 and disclosed the breach in December, hiring cybersecurity experts to assess the impact.
– The Play ransomware gang claimed responsibility for the attack, releasing stolen documents on its dark web site after failed negotiations with Krispy Kreme.
– Play ransomware, active since 2022, uses double-extortion tactics and has targeted over 300 organizations globally, including major companies and government entities.
– Stolen data also included health information, such as medical records and health insurance details, as revealed in a June 2025 update by Krispy Kreme.
Krispy Kreme recently disclosed a significant data breach impacting more than 160,000 customers, with sensitive personal and financial information exposed during a cyberattack late last year. The popular doughnut chain, which operates globally with thousands of locations, confirmed the incident in regulatory filings and began notifying affected individuals this month.
According to documents submitted to state authorities, the compromised data includes highly sensitive details such as Social Security numbers, driver’s license information, and financial account credentials. While Krispy Kreme stated there’s no evidence of misuse so far, the scale of the breach raises concerns about potential identity theft risks for victims.
The company detected unauthorized access to its systems in late November, prompting an internal investigation with the help of cybersecurity experts. By mid-December, disruptions to online ordering systems hinted at broader operational issues. The Play ransomware group later claimed responsibility, alleging they stole confidential corporate documents, payroll records, and customer data before publishing hundreds of gigabytes of files on the dark web after failed negotiations.
Play ransomware, active since 2022, has targeted numerous high-profile organizations, including government agencies and major corporations. Their double-extortion tactics, stealing data before encrypting systems, have made them a persistent threat. Recent advisories from the FBI and international cybersecurity agencies highlight the group’s global reach, with hundreds of victims reported in recent years.
In an updated statement, Krispy Kreme revealed that health-related information was also among the stolen data, expanding the potential risks for impacted individuals. The company is offering credit monitoring services and urging customers to remain vigilant against phishing attempts or suspicious activity.
As cyberattacks continue to target businesses of all sizes, this incident underscores the importance of robust data protection measures and prompt breach disclosures to mitigate harm to consumers. Affected customers should review their financial statements, enable fraud alerts, and consider freezing their credit as precautionary steps.
(Source: BLEEPINGCOMPUTER)
