GLOBAL – Multinational doughnut and coffeehouse chain Krispy Kreme has revealed a cyberattack has caused significant operational disruptions across its outlets, more so disruptions in online order processing.
Krispy Kreme reported unauthorized activity on its information technology systems in November 2024 and is collaborating with cybersecurity experts to address the issue, according to Reuters.
The doughnut chain acknowledged that the cybersecurity breach could materially impact its business, particularly digital sales. Following the announcement, the company’s shares fell by 2%.
Despite the cyberattack, Krispy Kreme’s physical stores worldwide remain operational for in-person orders. In a U.S. Securities and Exchange Commission filing, the company revealed it had detected the breach on November 29 and launched an investigation.
Efforts to restore online ordering services are underway, and federal law enforcement has been notified. While Krispy Kreme recognizes the immediate effects of the incident, it does not foresee any long-term material impact on its operations.
This attack underscores the vulnerability of digital systems in the restaurant industry, which has increasingly become a target for cybercriminals.
Research by cybersecurity firm Semperis shows that 86% of firms affected by ransomware attacks were targeted during weekends or holidays, times of reduced staffing.
The Semperis 2024 Ransomware Holiday Report also highlights that more than 80% of organizations surveyed cut security staffing by up to 50% during these periods.
The Krispy Kreme breach follows a series of high-profile cybersecurity incidents in the food and retail sectors.
In May 2024, Panda Restaurant Group experienced a data breach that exposed employees’ personal information, as reported by TOI. Similarly, Starbucks faced operational challenges in November 2024 due to a ransomware attack on a third-party software system.
The attack forced the company to revert to manual employee scheduling and payroll processing, impacting its stores and clients like Morrisons and Sainsbury’s in the UK.
Starbucks spokesperson Jaci Anderson assured that all employees would be paid for their hours worked and customer service would remain unaffected.
The Wall Street Journal reported that Starbucks relied on pen-and-paper methods to calculate pay during this period.
Additionally, Arizona-based cloud services provider Blue Yonder suffered a ransomware attack in late November, disrupting its managed services and causing operational delays.
These incidents highlight the growing risks associated with digital infrastructure across industries.
Sign up HERE to receive our email newsletters with the latest news and insights from Africa and around the world, and follow us on our WhatsApp channel for updates.
Be the first to leave a comment