Krispy Kreme, the U.S. doughnut chain, confirmed that a cyberattack in November 2024 resulted in the theft of personal information of over 160,000 individuals. The breach affected 161,676 individuals, exposing their Social Security numbers, financial account information, and driver's license information. The Play ransomware gang claimed responsibility for the attack and released hundreds of gigabytes of stolen documents on its dark web leak site after negotiations failed.
TPRM report: https://scoringcyber.rankiteo.com/company/krispy-kreme
{
  "id": "kri302061925",
  "linkid": "krispy-kreme",
  "type": "Ransomware",
  "date": "6/2025",
  "severity": "100",
  "impact": "4",
  "explanation": "Attack with significant impact with customers data leaks"
}
{'affected_entities': [{'customers_affected': 161676,
                        'industry': 'Food and Beverage',
                        'location': 'Global',
                        'name': 'Krispy Kreme',
                        'size': '22,800 Employees',
                        'type': 'Multinational Coffeehouse Chain'}],
 'data_breach': {'data_exfiltration': True,
                 'number_of_records_exposed': 161676,
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Social Security Numbers',
                                              'Financial Account Information',
                                              "Driver's License Information",
                                              'Client Documents',
                                              'Budget',
                                              'Payroll',
                                              'Accounting',
                                              'Contracts',
                                              'Taxes',
                                              'IDs',
                                              'Finance Information']},
 'date_detected': '2024-11-29',
 'date_publicly_disclosed': '2024-12-11',
 'description': 'Krispy Kreme confirmed that attackers stole the personal '
                'information of over 160,000 individuals in a November 2024 '
                'cyberattack.',
 'impact': {'data_compromised': ['Social Security Numbers',
                                 'Financial Account Information',
                                 "Driver's License Information",
                                 'Client Documents',
                                 'Budget',
                                 'Payroll',
                                 'Accounting',
                                 'Contracts',
                                 'Taxes',
                                 'IDs',
                                 'Finance Information'],
            'identity_theft_risk': 'High',
            'operational_impact': 'Disruptions to Online Ordering',
            'payment_information_risk': 'High',
            'systems_affected': 'IT Systems'},
 'initial_access_broker': {'data_sold_on_dark_web': True},
 'motivation': 'Financial Gain, Data Theft',
 'ransomware': {'data_exfiltration': True, 'ransomware_strain': 'Play'},
 'references': [{'source': 'BleepingComputer'}],
 'regulatory_compliance': {'regulatory_notifications': ["Maine's Office of the "
                                                        'Attorney General',
                                                        "Massachusetts' "
                                                        'Attorney General',
                                                        'SEC']},
 'response': {'communication_strategy': 'Breach Notification Letters',
              'containment_measures': 'Took Measures to Contain the Breach',
              'third_party_assistance': 'External Cybersecurity Experts'},
 'threat_actor': 'Play Ransomware',
 'title': 'Krispy Kreme Data Breach',
 'type': 'Data Breach, Ransomware'}