Krispy Kreme Faces Disruptions After Cyberattack Hits Online Orders
Krispy Kreme is grappling with operational disruptions following a recent cyberattack, which has severely impacted its online ordering services across parts of the United States.
The doughnut chain confirmed on Wednesday that it identified “unauthorised activity” within its technology systems late last month. While the full scope of the breach is still under investigation, Krispy Kreme acknowledged that the incident is affecting its digital operations and could result in financial setbacks.
In a regulatory statement, the company said the disruption would likely reduce revenue due to halted online sales, alongside costs incurred for cybersecurity experts and system recovery. Federal law enforcement agencies have been notified, and the company continues to assess the situation.
Despite the attack, Krispy Kreme’s 400 U.S. stores remain open for in-person purchases, and deliveries to partners—such as grocery chains and McDonald’s locations—are unaffected. The company has reassured customers that its physical operations and partnerships continue as normal.
The incident comes amid a period of expansion for Krispy Kreme. Earlier this year, the company strengthened its partnership with McDonald’s and recently sold a majority stake in Insomnia Cookies to private equity firms to focus on its core doughnut business.
Krispy Kreme, which trades under the ticker DNUT, went public again in 2021. Its shares fell by approximately 1% in premarket trading following the announcement and are down 30% so far this year.
While Krispy Kreme works to restore its systems, the cyberattack highlights growing vulnerabilities in digital operations, even for companies in the food service industry.