Introduction
In November 2024 [2] [3] [4] [6] [7] [9] [10], Krispy Kreme experienced a significant cyberattack that disrupted its online ordering system [1] [2] [6] [10], impacting its business operations and sales. This incident highlights the vulnerabilities in interconnected systems and the importance of robust cybersecurity measures.
Description
Krispy Kreme confirmed a cyberattack in November 2024 that significantly disrupted its online ordering system for donuts across parts of the United States, leading to a material impact on business operations and affecting approximately 15.5% of the company’s sales in Q3 2024. The company detected unauthorized access to its information technology systems [2] [5] [7] [9], which persisted for nearly two weeks [9]. While all 400 US locations remained operational for in-person orders, ensuring that deliveries to partners, including grocery stores and nearly 2,000 McDonald’s restaurants [8], continued unaffected, the attack has resulted in lost revenue from online sales. In an SEC filing [1], Krispy Kreme acknowledged the operational disruptions caused by the incident and warned of potential material impacts on its business until full recovery of its IT systems is achieved.
As of December 11, 2024 [6], the company reported incurring costs related to cybersecurity experts and system restoration efforts [2]. Krispy Kreme has notified federal law enforcement and is currently investigating the full scope and impact of the attack [5]. Experts noted that there is some isolation between the online ordering platform and the store management system [1], which mitigates the impact on physical store operations [1]. Speculation suggests that Krispy Kreme may be negotiating with the threat actors to prevent data leakage [9], although there is no confirmation regarding the nature of the attack or whether it involves ransomware [9]. The company has cybersecurity insurance [1] [7], which it anticipates will help cover part of these financial losses. Despite these challenges [2], Krispy Kreme remains optimistic about a swift recovery and does not foresee long-term negative effects on its overall financial condition or operational results.
While specific details regarding the nature of the attack have not been fully disclosed [2], preliminary indications suggest it may have been a ransomware incident [7], although no ransomware groups have claimed responsibility [4] [10]. The initial point of infection remains unidentified [1], and it is unclear whether the disruptions were caused by the attackers or if the company preemptively shut down the system [6]. Following the incident [4] [8] [10], Krispy Kreme’s shares have declined by about 2% and are down 33% for the year 2024 [10]. The company reported 2023 revenue of $1.7 billion and employs over 22,000 people [4], operating more than 1,500 locations globally [4], including 120 in the UK [10], with its headquarters in Charlotte, North Carolina [2]. This incident underscores the vulnerabilities of interconnected systems and highlights the importance of reevaluating identity security approaches to prevent future breaches that could affect critical systems and data.
Conclusion
The cyberattack on Krispy Kreme in November 2024 had a notable impact on its online sales and business operations. The company has taken steps to mitigate the effects, including engaging cybersecurity experts and leveraging insurance coverage. This incident serves as a reminder of the critical need for enhanced cybersecurity strategies to protect against future threats and ensure the resilience of business operations.
References
[1] https://www.csoonline.com/article/3623276/a-security-hole-in-krispy-kreme-doughnuts-helped-hackers-take-a-bite.html
[2] https://thecyberexpress.com/krispy-kreme-cyberattack/
[3] https://www.verdictfoodservice.com/news/krispy-kreme-cyberattack/
[4] https://www.techmonitor.ai/technology/cybersecurity/krispy-kreme-confirms-online-ordering-disruption-following-cyberattack
[5] https://informationsecuritybuzz.com/glazed-krispy-kreme-battle-cyberattack/
[6] https://www.helpnetsecurity.com/2024/12/12/krispy-kreme-cybersecurity-incident-disrupts-online-ordering/
[7] https://www.techradar.com/pro/security/krispy-kreme-orders-across-the-us-disrupted-after-cyberattack
[8] https://m.stylemagazine.com/news/2024/dec/12/krispy-kreme-is-struggling-to-fulfill-online-orders-after-it-was-hit-with-a-cyberattack/
[9] https://www.techtimes.com/articles/308698/20241212/online-donut-orders-failing-it-because-krispy-kreme-recently-faced-cyberattack.htm
[10] https://www.cybersecurityintelligence.com/blog/speciality-bakery-chain-hacked-8126.html
