Donut Holes! Dunkin’ Data Breach Settlement
Dunkin’ was repeatedly alerted to attackers’ ongoing attempts to log in to customer accounts by a third-party app developer. The app developer even provided Dunkin’ with a list of nearly 20,000 accounts that had been compromised by attackers over just a sample five-day period. “Yet, Dunkin’ failed to investigate the attacks to identify other customer accounts that had been compromised, determine what customer information had been acquired, or whether customer funds had been stolen.
Dunkin agreed to pay $650,000 as penalty settlement costs for the lawsuit over its failure to respond to credential stuffing attacks.
You must be logged in to post a comment.