Third-party data breaches apparently spilled the beans on Dunkin’s DD Perks users.
The company formerly known as Dunkin’ Donuts said DD Perks customers usernames and passwords were stolen by third-parties through data breaches in other companies’ security systems.
The breach is not from any internal systems issues with Dunkin’, the company said.
Customers’ first and last names, email addresses (which are the usernames) and their 16-digit DD Perks account number and DD Perks QR code were compromised.
“On October 31, 2018, we learned from one of our security vendors that a third-party may have attempted to log in to your DD Perks account. We believe that these third-parties obtained usernames and passwords from security breaches of other companies. These individuals then used the usernames and passwords to try to break in to various online accounts across the Internet,” a Dunkin’ spokesman said. “Our security vendor was successful in stopping most of these attempts, but it is possible that these third-parties may have succeeded in logging in to your DD Perks account if you used your DD Perks username and password for accounts unrelated to Dunkin’.”
The company is working to rectify the situation, and suggested go into their accounts and change their passwords.
For more information, customers can contact Consumer Care at 800-447-0013 7 a.m. to 7 p.m. EST weekdays.