Click to Skip Ad
Closing in...

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

Dunkin’ Donuts warns that its DD Perks program may have been hacked

Published Nov 29th, 2018 1:21PM EST
Dunkin' Donuts Hackers
Image: Pedro Martinez Valera

Despite the vast amount of resources companies typically spend on thwarting hacking, it seems that we can’t even go a few weeks without a new company issuing a statement about some sort of security breach. The latest victim in this regard appears to be Dunkin’ Donuts, with the nationwide chain issuing a statement earlier today about a security breach involving its DD Perks program.

According to the statement, an unauthorized third-party in late October accessed information pertaining to the company’s DD Perks program. The working theory at the moment is that the hacker or hackers involved obtained usernames and passwords from a previous and unrelated security breach and subsequently tried to use said usernames and passwords to access any number of online accounts.

As far as security breaches go, the Dunkin’ Donuts incident at issue doesn’t appear to be particularly grave. Per the company, the information hackers were potentially able to access is limited to customer first and last names, email addresses, DD Perks account numbers, and DD Perks QR codes. Notably, Dunkin’ Donuts relays that its security vendor was able to stop most of the unauthorized attempts to access DD Perks information.

Upon being aware of the breach, Dunkin’ Donuts’ statement describes what steps they took next:

We immediately launched an internal investigation and have been working with our security vendor to remediate this event and to help prevent this kind of event from occurring in the future. As you know already, we forced a password reset that required all of the potentially impacted DD Perks account holders to log out and log back in to their account using a new password. We also have taken steps to replace any DD Perks stored value cards with a new account number, but retaining the same value that was previously present on those cards. We also reported the incident to law enforcement and are cooperating with law enforcement to help identify and apprehend those third-parties responsible for this incident.

The company’s full press release on the matter can be viewed over here.

Yoni Heisler Contributing Writer

Yoni Heisler has been writing about Apple and the tech industry at large with over 15 years of experience. A life long expert Mac user and Apple expert, his writing has appeared in Edible Apple, Network World, MacLife, Macworld UK, and TUAW.

When not analyzing the latest happenings with Apple, Yoni enjoys catching Improv shows in Chicago, playing soccer, and cultivating new TV show addictions.