Dive Brief:
- Krispy Kreme is experiencing disruptions to its operations, including online ordering, following a cybersecurity incident, the company said on its website Wednesday. Restaurant Dive attempted to order on its website, but the option was unavailable across multiple locations.
- Krispy Kreme said it is working to restore online ordering and has notified federal law enforcement of the incident, according to an 8-K filing with the Securities and Exchange Commission.
- The attack on Krispy Kreme comes a few weeks after third-party vendor Blue Yonder experienced a widespread attack that impacted various businesses, including Starbucks, which briefly lost its ability to schedule workers.
Dive Insight:
Incidents like this show how vulnerable restaurants could be to cyberattacks as the industry increasingly relies on digital channels. Just about every restaurant chain has online ordering capabilities and is investing in growing digital sales. This channel made up over $8 billion in sales for Yum Brands during the third quarter, for example.
Krispy Kreme has been focused on building its digital platform of late and updated its loyalty program earlier this year. During the third quarter, the chain increased digital sales by 15%, said CEO Josh Charlesworth during an earnings call.
This cybersecurity incident could result in a loss of revenue from digital sales, the company said in the 8-K. The doughnut brand also expects that costs associated with fees paid to cybersecurity experts and the restoration of impacted systems “are reasonably likely to have a material impact on the Company’s results of operations and financial condition,” per the filing.
The chain said its shops remain open and consumers can still place orders in-store and buy doughnuts at grocery stores and other retailers. Deliveries to retail and restaurant partners are not impacted by this incident, according to the filing.
The doughnut chain was informed of unauthorized activity in its information technology systems on Nov. 29, according to the 8-K. The company has taken steps to “investigate, contain, and remediate the incident,” per the filing.
“The organization has responded promptly to the incident and collaborates with external experts to understand the issue and resolve it. This is very positive,” Boris Cipot, senior sales engineer at technology firm Black Duck, wrote in an email. “However, this incident also shows that industry segments that are usually not associated with technology should be focusing on improving their overall security posture.”
Cipot said Krispy Kreme is a lucrative target for attackers, and companies should consider threat detection systems that can locate a threat before it impacts operations.
“Implementation of regular security assessments, enhanced endpoint security and an incident response plan are just a few of the security steps that an organization can implement to avoid a long downtime,” Cipot said.
The company is still investigating this incident, and the full nature and impact of the attack are not yet known, according to the filing.
Krispy Kreme expects cybersecurity insurance to offset some of the costs of the incident and doesn’t expect a long-term impact on its finances.