Krispy Kreme: Over 160,000 people had data stolen during November 2024 cyberattack therecord.media/krispy-kr…

Krispy Kreme began sending out breach notification documents to thousands of victims this week after a cyberattack in November exposed troves of data.

The North Carolina-based doughnut giant reported the data breach to regulators in Maine, Texas, Vermont, South Carolina and Massachusetts, writing that they finished a months-long investigation on May 22 in which they determined that personal information was stolen from 161,676 people.

A Krispy Kreme spokesperson said the “vast majority of those affected are Krispy Kreme employees, members of their families, and former employees.”

In its earnings report in May, Krispy Kreme estimated that it suffered $5 million in losses related to the cyberattack.