If you’re a member of the Dunkin’ Donuts DD Perks program, some of your personal information may have been compromised.
Dunkin’ Brands Inc., the Massachusetts-based parent company of Dunkin’ Donuts, said that it learned on Oct. 31., from a security vendor, that third parties had obtained usernames and passwords from security breaches at other companies.
According to Dunkin’, their internal systems were not breached and attempts to use the information were blocked, but it is possible that third parties were able to log into some DD Perks accounts.
If the attempts were successful, customer names, e-mail addresses, DD Perks account numbers and DD Perks QR codes could have been exposed.
The company forced a password reset for customers that were affected, meaning those customers would need to log out and create a new password.
The account numbers of customers affected will also be replaced.
“We immediately launched an internal investigation and have been working with our security vendor to remediate this event and to help prevent this kind of event from occurring in the future,” the company said.
Customers that use the same password on other online accounts should consider changing their passwords
Dunkin’ said that they reported the situation to law enforcement.
Customers with questions about the issue can call Dunkin’s customer care line at 800-447-0013 from 7 a.m. through 7 p.m. Monday through Friday.