© 2025 CoolTechZone - Latest tech news,
product reviews, and analyses.

Play ransomware group claims responsibility for Krispy Kreme data breach


The Play ransomware group says it’s responsible for the cyberattack on Krispy Kreme in November.

Earlier this month, the US doughnut chain informed the Securities and Exchange Commission (SEC) that it had been the victim of a cyberattack. An unknown party was able to gain access to the company’s corporate network, causing disruptions to its day-to-day business.

As soon as the unauthorized access came to light, Krispy Kreme launched an investigation into the full scope, nature and impact of the incident.

Who was responsible for the attack remained unclear. That is, until now.

The ransomware group 'Play' claims to be responsible for the recent events. In a message on a hacking forum on the dark web, the group says it has stolen private and personal confidential information, client documents, financial information (budget, payroll, accounting, taxes), and contracts.

The ransomware group didn’t provide any samples of the data breach. In addition, it remains unclear how much data was stolen.

Krispy Kreme hasn’t responded to the claims of the Play ransomware group.

The Play ransomware operation first surfaced over two years ago and has made over 300 victims around the world since then, including car retailer giant Arnold Clark, cloud computing company Rackspace, the City of Oakland in California, Microsoft Cuba, Dallas County, the Swiss government, the Belgian city of Antwerp, and American semiconductor supplier Microchip Technology.

According to cybersecurity firm Checkpoint, Play typically installs ransomware on a company’s systems, encrypting their data and demanding a ransom payment or exfiltrating business data and selling it on the dark web forum.

“Their ransomware attacks use unique tactics like intermittent encryption and double extortion to exfiltrate company data and threaten businesses,” researchers at Checkpoint say.

While the ransomware group has been less active in 2024 compared to previous year, Play still represents a major threat to unsecured organizations.


Leave a Reply

Your email address will not be published. Required fields are marked