Dunkin' Donuts Reward Program Users' Data Made Vulnerable -- Security Today

Dunkin' Donuts Reward Program Users' Data Made Vulnerable

The coffee chain says hackers might have accessed customer info through a data breach.

By Sydny Shepard
Nov 30, 2018

Users of Dunkin' Donuts' rewards program might have had their data made vulnerable after the coffee chain's security vendors discovered a potential breach on Oct. 31.

In a letter to rewards program users, Dunkin' explained that its own systems had not been compromised, but rather hackers targeted other companies using the usernames and passwords they obtained to try to break into various online accounts across the internet.

Dunkin' security stopped most of the attempt, but customers who used their DD Perks username and password for other accounts unrelated to Dunkin' were vulnerable as the hackers were using these credentials to access several different accounts.

While the coffee company says they are unsure of what data might have been made vulnerable, the accounts held information such as customers' first and last names, email addresses and 16-digit DD Perks account number and DD Perks QR code.

Paul Bischoff, a privacy advocate from Comparitech.com, explained that most people don't understand that the information they give one company becomes the information owned by several companies.

“DD Perks account holders might assume they were only handing over personal details to Dunkin Donuts, but this breach and the company's privacy policy proves otherwise," Bischoff said. "Dunkin Donuts shares customers' personal info with service providers, affiliate companies, franchisees, business partners, and other third parties. In this case, a security vendor used by Dunkin Donuts was breached by hackers."

Those affected by the breach might be wondering what they should do to move forward. Bischoff said your best bet is to change your passwords.

"We do not yet know how many customers were affected by the breach," Bischoff said. "DD Perks account holders who receive the notification should change their password immediately. If you use the same password on any other accounts, those should be changed as well. Be on the lookout for phishing emails pretending to be from Dunkin Donuts.

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Security Industry Association Announces Program for 2025 AcceleRISE Conference
07/07/2025
SIA Opens Applications for 2025 Denis R. Hébert Identity Management Scholarship
07/07/2025
Honeywell Makes Strategic Tuck-in Acquisition of Li-ion Tamer
07/01/2025
Defining SASE at the Largest Consumer Electronics Chain in the Nordics
06/26/2025
Elite Interactive Receives Strategic Investment from CIVC Partners
06/26/2025
ProdataKey’s Emergency Response Integrations: Integrated Access Control Made Easy
06/25/2025
Eagle Eye Networks Enhances Partner Program to Accelerate Reseller Growth
06/24/2025
Altronix POE367 Delivers 277VAC Support at Remote Locations
06/18/2025

Featured

AI to Help Resolve Non-Emergency Calls Across Utah and Decrease 911 Caller Wait Times

The Utah Communications Authority (UCA), which oversees the state’s next generation 911 technology services, recently announced that public safety answering points (PSAPs) throughout the state plan to implement Motorola Solutions’ Virtual Response technology to automate the receipt and resolution of 10-digit non-emergency line calls in Utah with the help of AI. Read Now
- Government
Report: 2025 Video Surveillance Market Set to Grow After Small Decline in 2024

Novaira Insights has unveiled its latest report, “World Market for Video Surveillance Hardware and Software – 2025 Edition.” The research indicates that the global market for video surveillance hardware and software experienced a slight decline of 0.3% in 2024. This performance fell short of previous forecasts, primarily due to a significant decrease of 7.8% in the Chinese market. Conversely, the rest of the world saw a growth of 4.9%. The global market for video surveillance equipment was estimated to be worth $25.0 billion in 2024. Read Now
- Video Surveillance
Report Reveals Local Governments Face Surge in Ransomware Attacks with Minimal Resources

KnowBe4, the cybersecurity platform that comprehensively addresses human risk management, recently released new research highlighting the critical cybersecurity challenges facing state, local, tribal, and territorial (SLTT) governments. The report details how government organizations have become prime targets for cybercriminals while simultaneously facing severe resource constraints. Read Now
- Government
Video Surveillance Trends to Watch

With more organizations adding newer capabilities to their surveillance systems, it’s always important to remember the “basics” of system configuration and deployment, as well as the topline benefits of continually emerging technologies like AI and the cloud. Read Now
- Video Surveillance
New Report Reveals Top Trends Transforming Access Controller Technology

Mercury Security, a provider in access control hardware and open platform solutions, has published its Trends in Access Controllers Report, based on a survey of over 450 security professionals across North America and Europe. The findings highlight the controller’s vital role in a physical access control system (PACS), where the device not only enforces access policies but also connects with readers to verify user credentials—ranging from ID badges to biometrics and mobile identities. With 72% of respondents identifying the controller as a critical or important factor in PACS design, the report underscores how the choice of controller platform has become a strategic decision for today’s security leaders. Read Now
- Access Control

Security Today eNews

Sign up today for essential industry news and product information that can help you stay afloat in the fast-paced world of security.

Email Address*Country*

Please type the letters/numbers you see above.

Webinars

Whitepapers

New Products

Luma x20

Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.”
Connect ONE®

Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.
Unified VMS

AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities