If you ask a layperson which industries they expect to be targeted by cyberattacks, they'll probably name banks, critical infrastructure, or big tech. But one of the most high-profile cyberattacks of 2024 was against Krispy Kreme. Is nothing sacred anymore, when even our doughnuts aren't safe?
It might seem a bit odd to target a doughnut chain, but the incident highlights a real issue for the food and beverage industry, with implications for many others. The shift to digital experiences and customer service in industries that were historically only brick-and-mortar underscores how rapid digital transformation expands the attack surface for cybercriminals.
On November 29, 2024, Krispy Kreme detected unauthorized activity within a portion of its IT systems. The breach forced the company to temporarily suspend its online ordering services in parts of the United States. In response, Krispy Kreme immediately engaged external cybersecurity experts, implemented containment measures, and notified federal law enforcement.
Krispy Kreme has not publicly confirmed how the attackers got in. Commentary on the incident has pointed at the company's rapidly deployed digital platforms, such as its mobile ordering app and cloud-based point-of-sale systems, as the likely weak points, but that remains inference rather than a disclosed root cause.
The company's own disclosure did not say whether ransomware was involved, but the Play ransomware gang later claimed responsibility, alleging that sensitive data, including payroll records, contracts, tax documents, and customer financial information, had been exfiltrated. The timing of the attack, just ahead of a major promotional event, appears designed to disrupt a critical revenue stream and shake consumer confidence.
Digital sales represent roughly 15.5% of Krispy Kreme's revenue, making the online disruption particularly significant. The breach not only halted a critical revenue stream but also incurred costs related to system restoration, cybersecurity consulting, and potential reputational damage.
The incident contributed to a short-term stock price dip of about 2% and added to operational expenses during the recovery phase. Despite these setbacks, the company has stated that, with its cyber insurance coverage and ongoing remediation efforts, it doesn't expect a long-term material impact on its business fundamentals.
The attack illustrated that even major organizations are vulnerable when digital transformation outpaces cybersecurity defenses. All the new points of sale (POS) and customer touchpoints increase the access points that bad actors can exploit. All those mobile apps, cloud-based POS systems, and online ordering platforms need suitably integrated cybersecurity measures.
The food industry latched onto rapid digital transformation as a means of survival during the COVID-19 pandemic, but that speed left security gaps that bad actors can exploit. A restaurant chain might not seem an obvious target, but POS systems, loyalty apps, and online delivery platforms all handle large volumes of payment data. Even a QR code on a table tent or in a promotional email is part of the attack surface: a swapped or spoofed code sends customers to a phishing page or a malicious app instead of your ordering flow, and without controls such as verified, branded landing domains you and your customers are exposed.
Additionally, complex supply chains and franchise models create sprawling attack surfaces. For cybercriminals, the ROI is clear: disrupt operations, and companies face immense pressure to pay any ransoms quickly. The average breach in the retail sector costs $2.9 million, but the figure is likely higher for publicly traded brands like Krispy Kreme.
Digital transformation has become essential to remain competitive in pretty much every sector, not just the food and beverage industry. But the Krispy Kreme cyberattack needs to be a wake-up call: your cybersecurity needs to keep pace. To make sure you don't become the next headline on a cybersecurity blog, you should consider the following layered cybersecurity measures.
Comprehensive risk assessments
To ensure your digital transformation doesn't outpace your cybersecurity, you need to conduct rigorous risk assessments and system audits. This doesn't just apply to the food and beverage industry; every organization undergoing digital transformation should conduct regular penetration tests and thorough third-party vendor reviews to identify vulnerabilities before they can be exploited.
These proactive evaluations ensure that both your legacy systems and your new digital platforms are consistently scrutinized and reinforced, creating a resilient defense against evolving threats. Adopting an established framework, such as the NIST Cybersecurity Framework, gives you a structured way to build a risk management program that keeps pace with rapid digital change.
AI-driven threat detection
Implementing AI-driven threat detection allows your organization to analyze enormous volumes of telemetry in near real time. With that oversight, you can spot anomalies such as logins at unusual hours or from unfamiliar locations, bursts of failed authentication, or the sudden outbound data volumes that are early indicators of exfiltration, all of which might otherwise go unnoticed. Such systems build a baseline of normal behaviour and adapt as that baseline shifts, providing a layer of defense that shortens the window of opportunity for cybercriminals.
AI-based detection is a layer, not a guarantee. It has to be tuned against your own traffic to keep false positives manageable, and it needs analysts and a response process behind it. Integrated into your digital infrastructure in that way, it lets customer-facing sales and service platforms grow without growing blind spots at the same rate.
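The simplest form of the anomaly detection described above is statistical baselining: learn what "normal" looks like for each user and host over a quiet period, then flag the deviations. The following Python example is added here for illustration and is not code from the original article or from any vendor product; the log formats, user names, hosts, IP addresses and the baseline cut-off date are all constructed assumptions. It runs three detectors over a handful of made-up log lines: a successful login at an hour and from a source address the user never used during the baseline, a burst of failed logins within a short window, and a host whose daily outbound volume jumps far above its baseline.

```python
"""Baseline-and-outlier detection over constructed authentication and egress logs.

Illustrative example only. All log lines, names and addresses below are made up.
"""
import re
import statistics
from collections import defaultdict
from datetime import datetime, timedelta

AUTH_RE = re.compile(r"^(\S+) user=(\S+) src=(\S+) result=(ok|fail)$")
EGRESS_RE = re.compile(r"^(\S+) host=(\S+) bytes_out=(\d+)$")

# Assumption: everything before this date is "known good" and forms the baseline.
BASELINE_END = datetime(2024, 11, 29)

# Constructed sample data (not real data from any company).
AUTH_LOGS = [
    "2024-11-25T09:02:11Z user=jdoe src=10.1.4.22 result=ok",
    "2024-11-26T08:58:40Z user=jdoe src=10.1.4.22 result=ok",
    "2024-11-27T09:10:03Z user=jdoe src=10.1.4.22 result=ok",
    "2024-11-28T09:05:59Z user=jdoe src=10.1.4.22 result=ok",
    "2024-11-25T13:20:00Z user=asmith src=10.1.7.9 result=ok",
    "2024-11-26T13:25:12Z user=asmith src=10.1.7.9 result=ok",
    "2024-11-27T13:19:45Z user=asmith src=10.1.7.9 result=ok",
    "2024-11-28T13:30:01Z user=asmith src=10.1.7.9 result=ok",
    # Day of interest: an off-hours login from a never-seen address ...
    "2024-11-29T03:14:07Z user=jdoe src=203.0.113.45 result=ok",
    # ... preceded by a burst of failures against another account.
    "2024-11-29T03:01:00Z user=asmith src=203.0.113.45 result=fail",
    "2024-11-29T03:01:20Z user=asmith src=203.0.113.45 result=fail",
    "2024-11-29T03:01:40Z user=asmith src=203.0.113.45 result=fail",
    "2024-11-29T03:02:00Z user=asmith src=203.0.113.45 result=fail",
    "2024-11-29T03:02:20Z user=asmith src=203.0.113.45 result=fail",
]
EGRESS_LOGS = [
    "2024-11-25 host=pos-db-01 bytes_out=480000",
    "2024-11-26 host=pos-db-01 bytes_out=510000",
    "2024-11-27 host=pos-db-01 bytes_out=495000",
    "2024-11-28 host=pos-db-01 bytes_out=505000",
    "2024-11-29 host=pos-db-01 bytes_out=9800000000",  # ~9.8 GB leaving the database host
]


def parse_auth(lines):
    """Parse auth lines into sorted (timestamp, user, src, result) tuples; skip malformed lines."""
    events = []
    for line in lines:
        m = AUTH_RE.match(line)
        if not m:
            continue  # a malformed line should not crash the detector
        ts = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%SZ")
        events.append((ts, m.group(2), m.group(3), m.group(4)))
    return sorted(events)  # logs often arrive out of order; sort by timestamp


def parse_egress(lines):
    """Parse daily egress lines into sorted (date, host, bytes_out) tuples."""
    rows = []
    for line in lines:
        m = EGRESS_RE.match(line)
        if m:
            rows.append((datetime.strptime(m.group(1), "%Y-%m-%d"), m.group(2), int(m.group(3))))
    return sorted(rows)


def detect_login_anomalies(events, baseline_before=BASELINE_END):
    """Flag successful logins that are BOTH at an hour and from a source the user never used in the baseline."""
    hours, sources = defaultdict(set), defaultdict(set)
    for ts, user, src, result in events:
        if result == "ok" and ts < baseline_before:
            hours[user].add(ts.hour)
            sources[user].add(src)
    alerts = []
    for ts, user, src, result in events:
        if result == "ok" and ts >= baseline_before:
            if ts.hour not in hours[user] and src not in sources[user]:
                alerts.append(f"{ts.isoformat()} {user}: login at unusual hour {ts.hour:02d} from new source {src}")
    return alerts


def detect_failure_bursts(events, threshold=5, window=timedelta(minutes=10)):
    """Sliding window per user: alert when the failure count reaches `threshold` within `window`."""
    alerts, recent = [], defaultdict(list)
    for ts, user, src, result in events:
        if result != "fail":
            continue
        q = recent[user]
        q.append(ts)
        while q and ts - q[0] > window:
            q.pop(0)  # drop failures that fell out of the window
        if len(q) == threshold:  # fire once, when the threshold is crossed
            alerts.append(f"{ts.isoformat()} {user}: {threshold} failed logins within {window} from {src}")
    return alerts


def detect_exfil(rows, baseline_before=BASELINE_END, sigmas=3.0):
    """Flag a host whose daily outbound bytes exceed its baseline mean by more than `sigmas` standard deviations."""
    history = defaultdict(list)
    for day, host, nbytes in rows:
        if day < baseline_before:
            history[host].append(nbytes)
    alerts = []
    for day, host, nbytes in rows:
        hist = history.get(host)
        if day < baseline_before or not hist or len(hist) < 2:
            continue  # not enough baseline to judge; in practice, alert on "unknown host" separately
        mean, stdev = statistics.mean(hist), statistics.stdev(hist)
        limit = mean + sigmas * max(stdev, 1.0)  # guard against a perfectly flat baseline
        if nbytes > limit:
            alerts.append(f"{day.date()} {host}: {nbytes} bytes out, baseline mean {mean:.0f} (limit {limit:.0f})")
    return alerts


def run_all():
    """Run every detector over the constructed logs and return the alerts grouped by detector."""
    auth = parse_auth(AUTH_LOGS)
    return {
        "logins": detect_login_anomalies(auth),
        "bursts": detect_failure_bursts(auth),
        "exfil": detect_exfil(parse_egress(EGRESS_LOGS)),
    }


if __name__ == "__main__":
    for name, alerts in run_all().items():
        for alert in alerts:
            print(f"[{name}] {alert}")
```

Each detector fires exactly once on the constructed data. The point is not the thresholds themselves, which have to be tuned against your own traffic, but the structure: a baseline learned from known-good history, a rule that compares new events against it, and alerts that carry enough context (user, source, host, volume) for an analyst to act on.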
Employee training and incident response
The food and beverage industry maintains a large human workforce, which means employee cybersecurity training is essential to ensure those valuable employees don't become vulnerable links in your cybersecurity chain. You must equip your staff with the knowledge to recognize phishing attempts, social engineering ploys, and other common cyber threats through regular, targeted training sessions.
You also need a clear and well-practiced incident response plan in place. This ensures that all team members know exactly what to do at the first sign of a breach, which helps contain potential damage before it escalates. This combination of informed personnel and rapid-response protocols can reduce the impact of an incident, and cultivates a proactive culture of security across your organization.
Regulatory compliance and payment security
Digital sales are projected to make up 21.5% of revenue in the food and beverage industry by 2027. With that much revenue tied to digital channels, regulatory compliance and payment security are non-negotiable priorities. You must adhere to standards such as the Payment Card Industry Data Security Standard (PCI DSS) to protect your customers' payment data.
That means strong encryption in transit and at rest, tokenization so that your ordering and loyalty systems never hold a raw card number, and continuous monitoring of the systems that remain in scope. Done well, this does more than safeguard financial information: it shrinks the part of your estate an attacker can profit from, improves your resilience to an incident, and shows customers that they can trust you with their payment details.
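To make the tokenization point concrete, here is a toy token vault in Python, added for illustration and not code from the original article, from Krispy Kreme, or from any payment provider. The design it demonstrates is the standard one: the primary account number (PAN) is validated with the Luhn check, replaced by a random token that is unrelated to the PAN, and stored only inside the vault. A keyed HMAC of the PAN serves as a lookup index so the same card always maps to the same token without the PAN itself being used as a dictionary key. The HMAC key and the in-memory dictionaries are stand-ins: in production the key lives in an HSM or KMS and the PAN store is encrypted at rest inside the PCI-scoped vault.

```python
"""Toy tokenization vault for card numbers.

Illustrative example only: in production the index key sits in an HSM/KMS and the
token-to-PAN store is encrypted at rest inside the PCI DSS-scoped vault service.
"""
import hashlib
import hmac
import secrets


def luhn_ok(pan: str) -> bool:
    """Return True if `pan` is 12-19 digits and passes the Luhn mod-10 check."""
    if not pan.isdigit() or not 12 <= len(pan) <= 19:
        return False
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def mask(pan: str) -> str:
    """Display form allowed outside the vault: last four digits only."""
    return "*" * (len(pan) - 4) + pan[-4:]


class TokenVault:
    """Maps PANs to random tokens. Only this object ever sees the raw PAN."""

    def __init__(self, index_key: bytes):
        self._index_key = index_key  # assumption: a per-vault secret from a KMS, never the app's config
        self._pan_by_token: dict[str, str] = {}     # token -> PAN (encrypt at rest in production)
        self._token_by_fp: dict[str, str] = {}      # HMAC(PAN) -> token, for duplicate detection

    def _fingerprint(self, pan: str) -> str:
        # Keyed hash: a plain SHA-256 of a 16-digit number would be trivially brute-forced.
        return hmac.new(self._index_key, pan.encode(), hashlib.sha256).hexdigest()

    def tokenize(self, pan: str) -> str:
        """Return the token for `pan`, creating one if this card has not been seen before."""
        pan = pan.replace(" ", "").replace("-", "")
        if not luhn_ok(pan):
            raise ValueError("not a valid card number")
        fp = self._fingerprint(pan)
        existing = self._token_by_fp.get(fp)
        if existing is not None:
            return existing  # same card, same token: lets the merchant link repeat orders
        # The token carries no information about the PAN: it is random, not derived.
        token = "tok_" + secrets.token_hex(12)
        self._pan_by_token[token] = pan
        self._token_by_fp[fp] = token
        return token

    def detokenize(self, token: str) -> str:
        """Resolve a token back to the PAN. Only the payment-processing path should call this."""
        try:
            return self._pan_by_token[token]
        except KeyError:
            raise KeyError("unknown token") from None

    def masked(self, token: str) -> str:
        """What the order-history page is allowed to show."""
        return mask(self.detokenize(token))


if __name__ == "__main__":
    vault = TokenVault(index_key=secrets.token_bytes(32))
    t = vault.tokenize("4111 1111 1111 1111")  # well-known test PAN, not a real card
    print("stored in the ordering system:", t)
    print("shown to the customer:", vault.masked(t))
    print("sent to the processor:", vault.detokenize(t))
```

The ordering app, loyalty database and analytics warehouse store only `tok_...` values, so a breach of those systems yields nothing a card thief can use; the vault, which does hold PANs, is small, isolated and the one place that has to meet the full weight of PCI DSS controls.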
The Krispy Kreme cyberattack has to be the wake-up call the food and beverage industry needs regarding cybersecurity. It's a stark reminder that digital transformation needs to work alongside equally robust cybersecurity measures.
As the food industry and others continue to expand their digital footprint, investing in comprehensive, proactive security strategies is critical. You will not only protect operational continuity and customer trust but also safeguard the long-term viability of the business.