Attorney General James Gets Dunkin' to Fill Holes in Security, Reimburse Hacked Customers

Posted to Applied Web NY on Tue, 09/15/2020 - 14:45

NEW YORK – New York Attorney General Letitia James today announced a settlement with Dunkin’ Brands, Inc. (Dunkin’) — franchisor of Dunkin’ Donuts — resolving a lawsuit over the company’s failure to respond to successful cyberattacks that compromised tens of thousands of customers’ online accounts. The settlement requires the company to notify customers impacted in the attacks, reset those customers’ passwords, and provide refunds for unauthorized use of customers’ stored value cards. Dunkin’ will also be required to maintain safeguards to protect against similar attacks in the future, follow incident response procedures when an attack occurs, and pay $650,000 in penalties and costs to the state of New York.

Bulletin assigned to: