Ransomware

Play ransomware admits Krispy Kreme compromise

Closeup of Krispy Kreme restaurant sign on the building.

Major U.S. multinational doughnut and coffeehouse chain Krispy Kreme was claimed to have been breached by the Play ransomware operation, which warned of exposing the entire data trove exfiltrated from its networks late last month by Saturday, reports Cybernews.

Details regarding the amount of data stolen from Krispy Kreme have not been provided but Play asserted the theft of the pastry giant's financial information, private and personal confidential information, client files, accounting, budget, and payroll details, taxes, contracts, and IDs. Such a development comes as Krispy Kreme disclosed restoring most of its online ordering processes that had been disrupted by the intrusion, which was initially disclosed to the Securities and Exchange Commission on Dec. 11. Meanwhile, nearly 350 organizations, most of which were in the U.S., Canada, Latin America, and Europe, have been compromised by Play ransomware over the past year, making it the third most prolific ransomware gang this year behind LockBit and RansomHub, according to the Cybernews Ransomlooker monitoring tool.

An In-Depth Guide to Ransomware

Get essential knowledge and practical strategies to protect your organization from ransomware attacks.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds