Glassed and confused: Hackers find hole in Krispy Kreme security

Glassed and confused: Hackers find hole in Krispy Kreme security

Glassed and confused: Hackers find hole in Krispy Kreme security

Donut giant Krispy Kreme has revealed that a cyberattack on its network has caused operational disruptions.

In an 8-K filing with the U.S. Securities and Exchange Commission (SEC), Krispy Kreme revealed that it had detected unauthorized activity on its systems last month.

“On November 29, 2024, Krispy Kreme, Inc… was notified of unauthorized activity on a portion of its information technology systems. “The company immediately began taking measures to investigate, contain and remediate the incident with the help of leading cybersecurity experts,” the document says.

“Krispy Kreme stores around the world are open and consumers can order in person, but the company is experiencing some operational disruptions, including with online ordering in some parts of the United States. “Daily deliveries of fresh produce to our retail and restaurant partners are uninterrupted.”

Online orders account for a sizable portion of Krispy Kreme’s sales, and its third-quarter 2024 financial results show that they accounted for 15.5 percent of its sales and drove organic revenue growth of 3.5 percent. for the quarter.

The company said it launched an investigation into the incident and informed federal authorities, in addition to hiring cybersecurity experts to recover its systems and mitigate further damage.

“As of the date of this filing, the incident has had and is reasonably likely to have a material impact on the company’s business operations until recovery efforts are completed,” the company added.

“The expected costs related to the incident, including the loss of digital sales revenue during the recovery period, fees for our cybersecurity experts and other advisors, and costs to restore any affected systems, are reasonably likely to have a material impact on the results of operations and financial condition of the company.”

Krispy Kreme added that the expenses it faces will be partially covered by its cybersecurity insurance and that it does not expect the incident to have a “material long-term impact” on its operations and financial condition. Following the disclosure, Krispy Kreme’s share price fell 2.5 percent, but is slowly recovering.

Currently, no threat actors have claimed responsibility for the incident, nor has Krispy Kreme disclosed the nature of the incident.

Leave a Reply

Your email address will not be published. Required fields are marked *