Very big mess – Krispy Kreme -datalek sees data over more than 160,000 people exposed
- Advertisement -
Related Posts
- Advertisement -
- More than 160,000 people had leaked their data from Krispy Kreme
- The victims are mainly employees and their family members
- The perpetrator is still unknown
Krispy Kreme has revealed exactly which details were exposed in the infringement that the donut company met in November 2024.
161,676 people were hit by the infringement, with the most staff and their family members, the company said in a submit With the office of Maine of the Attorney General.
The infringement saw a very wide range of sensitive information stolen, which means that many of the victims run the risk of credit fraud, identity theft and more.
A hole a lot of data
The full list of data stolen in the infringement includes:
- Take
- Social Security Numbers
- Dates
- Driver’s license or Staats -ID numbers
- Financial account information
- Information about financial account access
- Credit or payment card data
- Credit or payment card information in combination with a security code, username and password for a financial account
- Passport numbers
- Digital signatures
- User names and passwords
- E -mail addresses and passwords
- Biometric data
- Uscis or alien registration numbers
- American military ID figures
- Medical or health information
- Information about health insurance
Although not all those involved have leaked all the above data, it does illustrate how important it is to correctly protect sensitive information, especially when it comes to credit card and payment data.
It seems that all data may have been merged into a single database, making it much easier for the attackers to steal such information.
The victims were offered for 12 months Credit monitoring And Identity theft protectionThat tradition has become struck by sensitive data breaches for large companies.
Krispy Kreme now shows one rack Krispy Kreme became aware of the data of the data breach: “On November 29, 2024, Krispy Kreme became aware of unauthorized activities on part of its information technology systems. When learning the unauthorized activity we immediately started taking steps to investigate, limit and reserve with the help of the help of cyber -experts.”
“On May 22, 2025, our investigation into the incident determined that certain personal information was affected. There is no evidence that the information has been misused and we are not aware of reports of identity theft or fraud as a direct result of this incident. This notification is not delayed as a result of an investigation of the law, says the statement.
There is no confirmation about who was behind the infringement, but immediately after the disclosure of Krispy Kreme, the game ransomware Gang claimed responsibility.
Bleeping computer Claims that the Play Gang claimed that the reportedly stolen files “private and personal confidential data, customer documents, budget, payroll administration, accounting, contracts, taxes, IDs, financing information” and more containing – have not provided any proof of his activity.
Maybe you like it too
- Advertisement -
