Hackers discover hole in Krispy Kreme Doughnuts’ cyber-safety
Hackers discover hole in Krispy Kreme Doughnuts’ cyber-safety
Doughnut chain Krispy Kreme says it has been hit by a cyberattack which has disrupted its online systems.
Some customers have been unable to make online orders as a outcome of the hack, which occurred in late November but has only just been disclosed.
Krispy Kreme revealed the attack in a regulatory filing with the US financial instruments and Exchanges fee (SEC) on Wednesday.
It said the incident was “reasonably likely” to “have a material impact” on the firm’s business operations, but clarified that brick-and-mortar shops remain open.
“We’re experiencing sure operational disruptions due to a cybersecurity incident, including with online ordering in parts of the United States,” reads a communication on the Krispy Kreme website.
“We recognize this is an inconvenience and are working diligently to resolve the issue.”
The firm told the BBC in a statement it “immediately” took steps to investigate and contain the incident, and has brought in cybersecurity experts.
“We, along with them, continue to work diligently to respond to and mitigate the impact from the incident, including the restoration of online ordering,” it said.
No groups have publicly taken responsibility for the hack.
Krispy Kreme is a large chain in the US, which has more than 1,400 shops worldwide.
In the UK it is smaller, but its 120 locations make it the largest speciality doughnut retailer in the country.
Krispy Kreme stated in its SEC filing that it has cybersecurity insurance, which it expects “to offset a portion of the costs”.
It said it expected these costs to arise from a deficit of digital sales, fees for the experts it has hired, and the restoration of impacted systems.
Cyber-attacks have caused solemn disruption this year, plaguing key infrastructure including hospitals and transport systems.
“The proliferation of cyberattacks in 2024 shows that hackers are willing to target anything and everything,” said Spencer Starkey, from cyber-safety firm SonicWall.
“It’s vital every single business has a robust roadmap in place to deploy if and when an attack happens,” he added.
Social media is taking this incident somewhat less seriously, however.
“Anyone messing with Krispy Kreme should be jailed for life,” joked one user on X.
“Cybercriminals, you’ve gone too far this period,” posted another.
Post Comment