- Krispy Kreme filed a new 8-K report, confirming a cyberattack in late November 2024
- More details about the attackers and their motives are unknown
- The company was forced to turn parts of its IT network off
Krispy Kreme has confirmed recently suffering a cyberattack which disrupted some of its operations.
In an 8-K filing submitted with the US Securities and Exchange Commission (SEC) recently, Krispy Kreme said that it was notified about unauthorized activity “on a portion of its information technology systems” on November 29 this year.
The notification prompted an investigation at the American doughnut and coffeehouse chain, which brought in third-party cybersecurity experts to assist.
No details about the attackers
Despite a timely response, the attack managed to leave a dent in the company’s operations, it seems: “Krispy Kreme shops globally are open, and consumers are able to place orders in person, but the Company is experiencing certain operational disruptions, including with online ordering in parts of the United States,” Krispy Kreme said. “Daily fresh deliveries to our retail and restaurant partners are uninterrupted.”
The company did not share more details about the attacks, and has not currently responded to media inquiries in any meaningful way.
Therefore, we don’t yet know who the attackers were, what they tried to achieve, and if they tried to steal any sensitive data from the company. Given that Krispy Kreme was forced to shut down parts of its infrastructure to contain the damage suggests that this was a ransomware attack and a data grab.
Krispy Kreme said the investigation is currently ongoing and that more details should be available soon. The investigation should also show how much money the company might lose to this incident. It said it expected to lose some revenue from digital sales, and from paying the cybersecurity experts’ fees. However, it does have cybersecurity insurance which should cover at least part of the expenses, it said.
“The Company does not expect this will have a long-term material impact on its results of operations and financial condition,” Krispy Kreme concluded.
You might also like
- Chinese cybersecurity firm facing US sanctions over alleged ransomware attacks
- Here's a list of the best antivirus
- These are the best endpoint protection tools right now