Some members of Dunkin’s popular DD Perks program may have compromised some of their personal data. The company warns customers.
Dunkin Brands Inc., Massachusetts-based parent company in Dunkin Donuts, said it was learned by a security vendor on October 31 that third parties received a username and password from security breaches with other companies. While Dunkin said that its internal system was not broken and several attempts to use the information were blocked, third parties may be able to log in to some DD Perks accounts.
If the tests were successful, they could have exposed customer information, including names, email addresses, DD Perks account numbers, and DD Perks QR codes.
For affected users, the company forced the password reset. These customers must log out and create a new password. Their account numbers will also be replaced.
“We immediately launched an internal investigation and have worked with our security provider to remedy this event and to prevent this kind of event occurring in the future,” said the company.
Dunkin said that it also reported the situation to law enforcement.
Anyone who may have used the same password on other online accounts should consider changing these passwords and the default online safety guidelines are to use unique passwords for each account.
Customers with questions about the issue can call Dunkin’s customer care line at 800-447-001
3 from 07:00 to 19:00. Monday to Friday.