Data Breaches at Dunkin’ Donuts Continue to Affect Consumer Credit

America runs on…data?

If you stopped in at a Dunkin’ Donuts location between 2015 and 2019, there’s a good chance that you paid a hefty price for that cold-brew coffee or glazed kruller. That may be in part because the popular pastry chain was targeted by hackers who gained illicit access to customers’ Dunkin-branded payment cards—to the tune of tens of thousands of dollars.

These compromised accounts affected at least 20,000 customers and likely many more

Potential damages to both the consumer and the corporation include financial loss. Additionally, a data breach like the one at Dunkin’ can have a devastating impact on the consumer’s credit report—resolving such issues is often a difficult and time-consuming process.

According to a complaint filed by the office of the New York State Attorney General (NYSAG), franchisor Dunkin’ Brands, Inc. was notified of the initial breach by a third-party app developer in early 2015. Yet, the company failed to put a freeze on the payment cards, notify customers, or take any action that could have prevented additional breaches.

As a result, Dunkin’ was the target of additional cyberattacks over the course of the next four years.

It wasn’t until 2020 that the complaint was settled. Dunkin’ Brands, Inc. was ordered to pay $650,000 in penalties and costs to the State of New York, notify all affected customers, provide them refunds, and maintain safeguards against similar breaches in the future.

“For years, Dunkin’ hid the truth and failed to protect the security of its customers,” said Attorney General Letitia James. “We are ensuring the company’s dangerous brew of lax security and negligence comes to an end.”

Consumers who fall victim to data breaches are at risk of losing far more than a few dollars’ worth of coffee drinks and sweet treats. Hackers can gain access to their personal financial information, including account numbers and personal identification numbers. This vulnerability, in turn, can lead to potentially devastating black marks on consumers’ credit reports.

If you believe that your finances and credit have suffered as the result of a data breach, the first step is to request copies of your credit report. Then, secure the services of an attorney who specializes in consumer financial issues related to cyber fraud.