HQ/EMEAFind out how we can help your business
Popular doughnut brand Krispy Kreme suffered a cyberattack that disrupted its standard operation, affecting its business activities and online order processing.
The company filed an SEC filing earlier this week explaining that it uncovered suspicious behaviour on November 29, 2024. This unwanted activity is alleged to have caused disruptions to its online ordering system in the United States.
The company’s branches worldwide remain open, and customers can place orders in person. However, the company is experiencing operational problems, including online ordering in some parts of the US. Still, daily fresh deliveries to its retail and restaurant partners are continuous.
The firm has also updated its website with a note advising customers that online ordering is currently unavailable.
Krispy Kreme assured the public that they would immediately address the issue.
With Krispy Kreme experiencing operational disruptions due to a cybersecurity attack, the firm reached out to the public by apologising for the inconvenience, which they will rectify immediately.
Following the attack, the corporation claims that it quickly employed a third-party service provider that would assist them in fixing the problem and resolving the situation. The investigation of the attack is still ongoing; hence, the nature and exact impact are not yet precise.
The cyberattack has had a material impact on the company’s business and will continue until recovery is completed. As of now, the affected entity has no particular dates or projections as to when the problem will be resolved.
Furthermore, the company expects a reasonable financial impact from the loss of digital sales revenue during the recovery time and expenses for external services and consultants and system restoration costs.
Krispy Kreme has not provided any other information about the incident, so it’s unclear whether it was a ransomware attack or another data breach.
Lastly, no ransomware groups have claimed responsibility for the cyberattack, but if it was ransomware, the company may already be in the negotiating process at this point.
