Cyber Incident Disrupting Krispy Kreme Online Orders

Krispy Kreme has been hit by a cyber-incident which is disrupting operations including online orders, the firm has reported in a filing to the Securities and Exchange Commission (SEC).

The US-based doughnut maker and coffeehouse chain admitted that the incident has had and is reasonably likely to have a material impact on the Company’s business operations until recovery efforts are completed.

Additionally, expected costs related to the incident, including the loss of revenues from digital sales, advisory fees and recovery costs, are likely to have an impact on the company’s financial condition.

Digital orders represented 15.5% of Krispy Kreme’s overall sales in the firm’s Q3 2024 financial results.

The firm’s cyber insurance policy is expected to offset a portion of the costs of the incident.

Currently, customers are unable to order Krispy Kreme products in parts of the US. However, the company’s shops remain open globally and customers can place orders in person.

Daily fresh deliveries of Krispy Kreme doughnuts to retailers and restaurants are also uninterrupted.

“The Company does not expect this will have a long-term material impact on its results of operations and financial condition,” the firm stated in the SEC filing, dated December 11.

The firm has so far not provided any information on the nature of the incident or whether customer data may have been affected.

Unauthorized Activity Detected

Krispy Kreme said it was notified of unauthorized activity on a portion of its IT systems on November 29, 2024. It took steps to investigate, contain and remediate the incident with the assistance of external cybersecurity experts.

This work is ongoing, including efforts to restore online ordering.

“As the investigation of the incident is ongoing, the full scope, nature, and impact of the incident are not yet known,” Krispy Kreme wrote.

Law enforcement have been informed of the incident.

Commenting on the story, William Wright, CEO of Closed Door Security, said the fact Krispy Kreme’s cafes and suppliers appear to be unaffected by the incident suggests the firm was able to prevent the attackers accessing operational technology within its environment.

“The attackers could have pivoted away from the IT network and gained access to operational technology, where they could have impacted the production of doughnuts – putting the attack on a ‘hole’ new level,” Wright said.

“This could be a targeted attack against Krispy Kreme during one of the busiest periods of the year. With customers not being able to shop online, this could see them looking elsewhere to carry out their purchases,” he added.
