Business & Tech

Your Dunkin’ Donuts account may have been hacked

An open Dunkin Donuts shop at the corner of Dorchester Avenue and Boston Street in Dorchester.
Jim Davis/Globe Staff
An open Dunkin Donuts shop at the corner of Dorchester Avenue and Boston Street in Dorchester.

If you use the Dunkin’ Donuts app, DD Perks, to grab your morning coffee, you may want to change your password.

The company was notified of a security breach on Oct. 31 that included hackers attempting to log into DD Perks accounts, according to a statement posted to their website.

Dunkin’ said the information hackers had access to depended on what was already in customer’s DD Perks account but included first and last names, email addresses, 16-digit DD Perks account numbers, and DD Perks QR codes.

Advertisement

“We believe that these third-parties obtained usernames and passwords from security breaches of other companies,” the company said in the statement. “These individuals then used the usernames and passwords to try to break in to various online accounts across the Internet.”

Get Talking Points in your inbox:
An afternoon recap of the day’s most important business news, delivered weekdays.
Thank you for signing up! Sign up for more newsletters here

Dunkin’ stated that their security vendor was successful in stopping most of the fraudulet log in attempts but added that if customers use their username or password for accounts other than their DD Perks account, hackers may have succeeded in logging in.

“We immediately launched an internal investigation and have been working with our security vendor to remediate this event and to help prevent this kind of event from occurring in the future,” they said.

In response to the hack, the coffee chain forced all potentially impacted accounts to reset their password, replaced gift card account numbers associated with the app, and reported the hack to police.

Abbi Matheson can be reached at abbi.matheson@globe.com. Follow her on Twitter at @AbbiMatheson.