Krispy Kreme recently announced a major data breach affecting a whopping 161,676 people. This includes current and former employees, and their family members. Hackers gained access to the company’s systems and stole a significant amount of sensitive information.
What Information Was Stolen?
The stolen data included some seriously sensitive stuff:
- Names
- Social Security numbers
- Dates of birth
- Driver’s license or state ID numbers
- Financial account information (including access records, credit/debit card details, and security codes)
- Usernames and passwords for financial accounts
- Digital signatures
- Email addresses and passwords
- Biometric data (if applicable)
- USCIS or Alien Registration Numbers
- US military ID numbers (if applicable)
- Medical and health insurance information
Krispy Kreme’s Response
Krispy Kreme says they discovered the unauthorized activity on November 29, 2024, and immediately started an investigation with cybersecurity experts. They notified affected individuals in May 2025, offering free credit monitoring and identity protection services. The company claims there’s no evidence the stolen data has been misused yet, but they’re upgrading their security systems to prevent future breaches.
What You Should Do
If you’re one of the affected individuals, keep a close eye on your accounts for any suspicious activity. Take advantage of the free credit monitoring offered by Krispy Kreme. Consider changing your passwords for any accounts that might have been compromised.