Dunkin Donuts sued by New York over cyberattacks

Friday 27 September 2019 09:22 CET | News

New York Attorney General has accused Dunkin’ Donuts of failing to protect hundreds of thousands of customers whose accounts were targeted in a series of ‘brute force’ cyberattacks.

Dunkin’ Brands Group was accused of not acting in 2015 to protect 19,715 customers whose accounts had been targeted in a single five-day period, after learning about the problem from its own app developer.

The company failed to notify affected customers of the breaches, reset their passwords or freeze their Dunkin’ Donuts cards, the attorney continued. Moreover, Dunkin’ failed to adopt appropriate safeguards to limit future attacks, despite customer reports of continuing fraud on their accounts.

That failure came to roost in late 2018 when more than 300,000 customer accounts were accessed in new attacks, which concerns accounts created through Dunkin’s website or free mobile app.

The company did not immediately respond to a request for comment, according to Reuters.

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: Dunkin Donuts, cyberattacks, fraud prevention, payments security, data breach, password reset, attacks, US
Countries: World

Industry Events