Dunkin' Donuts parent settles New York cyberattack lawsuit, is fined

By Jonathan Stempel NEW YORK (Reuters) - The parent of Dunkin' Donuts on Tuesday agreed to upgrade its security protocols and pay $650,000 in fines and costs to settle a lawsuit by New York's attorney general claiming it ignored cyberattacks that compromised the online accounts of tens of thousands of customers. Attorney General Letitia James said Dunkin' Brands Group Inc will notify customers affected by the attacks between 2015 and 2018, reset their passwords, and provide refunds for unauthorized use of their Dunkin'-branded stored value cards.

Reuters September 16, 2020 00:05:41 IST
Dunkin' Donuts parent settles New York cyberattack lawsuit, is fined

Dunkin Donuts parent settles New York cyberattack lawsuit is fined

By Jonathan Stempel

NEW YORK (Reuters) - The parent of Dunkin' Donuts on Tuesday agreed to upgrade its security protocols and pay $650,000 in fines and costs to settle a lawsuit by New York's attorney general claiming it ignored cyberattacks that compromised the online accounts of tens of thousands of customers.

Attorney General Letitia James said Dunkin' Brands Group Inc will notify customers affected by the attacks between 2015 and 2018, reset their passwords, and provide refunds for unauthorized use of their Dunkin'-branded stored value cards.

The settlement resolves a civil lawsuit filed last Sept. 26 in a New York state court in Manhattan, and requires a judge's approval.

Dunkin' did not admit or deny wrongdoing.

The case arose after hackers began in early 2015 using previously stolen user names and passwords to conduct automated "brute force" and "credential stuffing" attacks, and steal tens of thousands of dollars from accounts created through Dunkin's website or free mobile app.

James said the Canton, Massachusetts-based company did nothing for years to address the compromised accounts despite repeated alerts from its own app developer, including when it identified 19,715 customers targeted over a five-day period.

The attorney general also said Dunkin' failed to adopt safeguards against future attacks despite reports of continuing fraud. She said that came to roost in late 2018, when more than 300,000 customer accounts were accessed in new attacks.

"For years, Dunkin' hid the truth and failed to protect the security of its customers, who were left paying the bill," James said. "It's time to make amends and finally fill the holes in Dunkin's' cybersecurity."

In a separate statement, Dunkin' said the cyberattacks potentially affected less than 1% of its Perks Loyalty members, and the hackers had no access to credit card information.

"We have taken steps to make sure that any stored value cards associated with [digital customers'] accounts are protected and secure," it added.

(Reporting by Jonathan Stempel in New York; Editing by Tom Brown)

This story has not been edited by Firstpost staff and is generated by auto-feed.

Updated Date:

TAGS:

also read

France, Germany to agree to NATO role against Islamic State - sources
| Reuters
World

France, Germany to agree to NATO role against Islamic State - sources | Reuters

By Robin Emmott and John Irish | BRUSSELS/PARIS BRUSSELS/PARIS France and Germany will agree to a U.S. plan for NATO to take a bigger role in the fight against Islamic militants at a meeting with President Donald Trump on Thursday, but insist the move is purely symbolic, four senior European diplomats said.The decision to allow the North Atlantic Treaty Organization to join the coalition against Islamic State in Syria and Iraq follows weeks of pressure on the two allies, who are wary of NATO confronting Russia in Syria and of alienating Arab countries who see NATO as pushing a pro-Western agenda."NATO as an institution will join the coalition," said one senior diplomat involved in the discussions. "The question is whether this just a symbolic gesture to the United States

China's Xi says navy should become world class
| Reuters
World

China's Xi says navy should become world class | Reuters

BEIJING Chinese President Xi Jinping on Wednesday called for greater efforts to make the country's navy a world class one, strong in operations on, below and above the surface, as it steps up its ability to project power far from its shores.China's navy has taken an increasingly prominent role in recent months, with a rising star admiral taking command, its first aircraft carrier sailing around self-ruled Taiwan and a new aircraft carrier launched last month.With President Donald Trump promising a US shipbuilding spree and unnerving Beijing with his unpredictable approach on hot button issues including Taiwan and the South and East China Seas, China is pushing to narrow the gap with the U.S. Navy.Inspecting navy headquarters, Xi said the navy should "aim for the top ranks in the world", the Defence Ministry said in a statement about his visit."Building a strong and modern navy is an important mark of a top ranking global military," the ministry paraphrased Xi as saying.