Dunkin Data Breach Lawsuit
Dunkin’ Donuts was sued on Thursday by New York Attorney General Letitia James, who accused the chain of failing to protect hundreds of thousands of customers whose accounts were targeted in two separate cyberattacks. This Dunkin data breach lawsuit claims that the company failed to do anything in 2015, and did not do enough in 2018.
The chain is accused of doing nothing in 2015 to protect 19,715 customers whose accounts had been targeted in a single five-day period, after learning about the problem from its own app developer. Dunkin’ also failed to adopt appropriate safeguards to limit future attacks, despite customer reports of continuing fraud on their accounts.
The suit also accuses Dunkin’ of keeping customers in the dark about the full extent of 2018 cyberattacks, by only intimating attempts had been made to access accounts but not that accounts had been breached.
“There is absolutely no basis for these claims by the New York Attorney General’s Office. For more than two years, we have fully cooperated with the AG’s investigation into this matter, and we are shocked and disappointed that they chose to move ahead with this lawsuit given the lack of merit to their case,” Dunkin’ chief communications officer Karen Raskopf said in an emailed statement.