In November 2024, Krispy Kreme experienced a cyber incident. As of recently, the organization has revealed that 161,676 people were impacted by this breach. The time frame between the breach and the notice of affected individuals has some cyber experts concerned. 

Chris Hauk, Consumer Privacy Champion at Pixel Privacy, remarks, “It is concerning that it has taken Krispy Kreme this long to acknowledge the data breach and inform the individuals affected by the breach. I'm not saying they need to put a glowing neon sign in their window that says ‘Your data is hot and has been stolen,’ but they should not have taken this long. 7 months is a long time for data to be exposed without anyone being informed, and the least Krispy Kreme could do is offer free credit monitoring and free donuts for life.”

For people affected by this breach, remaining aware and alert is essential to staying secure. 

Hauk states, “Affected individuals need to keep an eye on their accounts (and take advantage of any free credit monitoring services that may be offered) and stay alert for any phishing texts, emails, or phone calls from bad actors attempting to use the harvested data to get their hands on even more personal and financial data.”