Krispy Kreme has disclosed a cybersecurity incident that disrupted parts of its IT systems, including online ordering in the United States.
The company became aware of the unauthorized activity on November 29 and has since launched an investigation, working with external cybersecurity experts to address the issue.
Angela Yochem is the Chief Information Officer of Krispy Kreme since December 2023. Krispy Kreme does not reveal the name of its cyber security technology partner. Krispy Kreme does not reveal the size of its IT budget.
In a regulatory filing, Krispy Kreme acknowledged that the incident could have a material impact on its operations, including losses tied to digital sales. The company reported a 3.5 percent revenue growth in the third-quarter, reaching $376.4 million. Digital sales accounted for 15.5 percent of its doughnut shop sales.
While online ordering remains affected, the doughnut chain emphasized that its shops worldwide remain open, allowing customers to place in-person orders. Krispy Kreme’s global Points of Access increased by 18 percent to a total of 15,811 locations during the third-quarter of 2024.
“We know this is an inconvenience and are working diligently to resolve the issue,” Krispy Kreme stated, reassuring customers that fresh doughnuts remain available in stores and at participating grocery or convenience outlets.
The company is focused on investigating, containing, and remediating the breach and aims to restore online ordering services as soon as possible.
