News

Cyber-criminals access Dunkin's DD Perks accounts

November 30, 2018

Dunkin's wildly popular DD Perks mobile order and pay app has been targeted by cyber-thieves, who the brand said may have gotten hold of some usernames, first and last names, email addresses, loyalty club account numbers and passwords. 

The QSR's parent, Dunkin' Brands told CNBC that while there was no security breach of Dunkin's system, third-party players did use breaches at other companies to access DD Perks customers' usernames and passwords and log into some of those accounts.

A brand security vendor relayed the information to Dunkin' Oct. 31 but the number of compromised accounts was not disclosed, though the company told CNBC it was "only a small percent." An in-house investigation is underway and a forced password reset of potentially impacted accounts has taken place.