The doughnut chain has acknowledged that the incident could impact its business. Credit: grandbrothers /Shutterstock.

Krispy Kreme has confirmed that a cyberattack has caused significant operational disruptions, including issues with online ordering across the US.  

The company was alerted to unauthorised activity on its information technology systems in November 2024 and is working with cybersecurity experts to resolve the situation, as reported by Reuters. 

Go deeper with GlobalData

Data Insights

The gold standard of business intelligence.

Find out more

Related Company Profiles

View all

The doughnut chain acknowledged the cybersecurity incident could have a material impact on its business, potentially affecting revenue from digital sales.  

Following the announcement, the company’s shares dropped by 2%.

Despite the incident, Krispy Kreme’s physical stores around the globe remain open for in-person orders.  

In a US Securities and Exchange Commission filing, Krispy Kreme disclosed that it had initiated an investigation into unauthorised activity detected on 29 November.  

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

The company is making efforts to restore online ordering services and has informed federal law enforcement.

While acknowledging the immediate effects of the hacking, Krispy Kreme does not anticipate any long-term material impact from the cyberattack. 

This incident follows a high-profile breach at Panda Restaurant Group in May 2024, in which the personal information of an unspecified number of employees was compromised, as reported by TOI.  

In November 2024, Starbucks stores in the US were compelled to revert to manual employee scheduling and payroll processing due to a ransomware attack on a third-party software system.   

According to the Wall Street Journal, Starbucks is relying on pen-and-paper to calculate employees’ pay.   

Arizona-based cloud services provider Blue Yonder was also struck by a ransomware attack in late November, causing considerable disruption to its managed services.