Krispy Kreme confirms data leak after ransomware attack

June 23, 2025

Donut and coffee retailer Krispy Kreme has confirmed that it suffered a serious data breach following a ransomware attack that took place in December 2024. The company is now sending out notifications to individuals whose personal data was compromised as a result of the incident.

The cyberattack, which occurred on December 11, 2024, caused operational disruptions across Krispy Kreme’s systems. About a week later, the Play ransomware group claimed responsibility for the attack, stating they had stolen 184 gigabytes of sensitive information. When the company reportedly refused to pay the ransom, the attackers published the stolen data on their dark web leak site later that month.

An internal investigation by Krispy Kreme revealed that the breach had exposed a wide range of sensitive data. The compromised information includes names, dates of birth, Social Security numbers, driver’s licence or state ID numbers, financial account credentials, payment card details, passport numbers, digital signatures, email addresses with passwords, biometric data, U.S. military ID numbers, and even medical and health information.

The company clarified that the majority of those affected are current and former Krispy Kreme employees, along with their family members. While the exact number of individuals impacted has not been confirmed, Krispy Kreme employs roughly 20,000 people. Notably, the company reported to the Texas Attorney General that nearly 7,000 Texans were among the victims.

To help protect those affected, Krispy Kreme is offering free credit monitoring and identity protection services. Although the company stated that there is no evidence yet of the stolen data being misused, experts warn that the public availability of this information makes it vulnerable to exploitation.

This ransomware attack has also had a significant financial impact on the company. According to Krispy Kreme, the breach has already cost them over $11 million in fiscal year 2024. With investigations and mitigation efforts still ongoing, the total cost is expected to rise further in 2025.

As ransomware attacks become increasingly common and damaging, this incident highlights the importance of strong cybersecurity measures, particularly for organisations handling large volumes of personal and financial data. Krispy Kreme’s response will continue to be monitored closely as they work to manage the consequences and restore trust.
