Krispy Kreme investigates major cyber-attack disrupting online orders
- Krispy Kreme reported a cybersecurity attack on November 29 that disrupted online orders.
- The investigation into the attack is ongoing, and the company has not determined the full extent of the damage.
- Despite the incident, Krispy Kreme expects no long-term financial impact as in-person sales remain unaffected.
Krispy Kreme, a popular doughnut manufacturer based in the United States, has been grappling with significant disruptions to its online ordering system due to a recent cybersecurity attack. The company first noticed unauthorized activity in its computer systems on November 29, and has since launched an investigation aimed at understanding the extent and implications of the breach. The disruptions have persisted for nearly two weeks, impacting online orders particularly in various regions across the United States, while in-person sales and deliveries to partners, such as McDonald's, remain unaffected. The cybersecurity incident has raised concerns regarding the operational integrity of Krispy Kreme's digital platforms, which generate approximately 16% of its overall sales. The company has communicated to stakeholders that, while the immediate consequences of the cyber attack are significant, it does not anticipate any long-term impact on its financial performance. The company is currently incurring costs related to addressing the ongoing cybersecurity issues, including hiring outside experts to assist with the investigation and remediation efforts. As a publicly traded entity, Krispy Kreme is obligated to disclose material events that could affect its operations, which led to a filing with the US Securities and Exchange Commission (SEC) regarding the attack. The SEC filing noted that they had not yet determined the full scope, nature, and financial impact of the cyber incident. The lack of clarity around whether ransomware was involved in the attack adds to the uncertainty of the situation, as no groups have publicly claimed responsibility for the breach. The cybersecurity attack has had a tangible impact on Krispy Kreme's stock performance, resulting in a 2% drop on the morning news was released. The company's workforce includes over 20,000 employees and more than 1,500 locations globally, places it in a challenging position as it navigates through this incident while also focusing on growth initiatives, such as expanding its partnership with McDonald's. Addressing the disruption of online order capabilities remains a top priority for Krispy Kreme, as it assesses the potential financial ramifications in the short term amid a backdrop of strong consumer demand for its products.