We value your privacy

We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies.

Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

Glazed and Confused: The Krispy Kreme Data Breach That Left Customers in a Sticky Situation

News and information from the Advent IM team.

  • by Olivia Lawlor-Blackburn
  • General

In recent months, several organisations have experienced significant data breaches, underscoring the critical need for robust cybersecurity measures and proactive strategies, particularly in employee training.

In late November 2024, Krispy Kreme faced a cyberattack that disrupted its online ordering system across parts of the United States. The Play ransomware group claimed responsibility, alleging the theft of sensitive personal and financial data. This breach not only hindered customer transactions but also raised concerns about the potential misuse of compromised information.

Another example only last month, Reading Cooperative Bank (RCB), a Massachusetts-based lender, suffered a security incident stemming from a phishing attack. An employee inadvertently clicked on a phishing email from a known sender within the banking industry, potentially compromising personal information. This breach affected over 24,000 individuals, highlighting the severe consequences of sophisticated phishing schemes.

These incidents emphasise the necessity for organisations to adopt proactive cybersecurity strategies rather than reactive responses. Proactive measures involve identifying and mitigating potential threats before they materialise, thereby safeguarding sensitive data and maintaining customer trust.

Some of these key proactive strategies could include:

  • Regular Security Assessments: Conducting thorough evaluations of IT infrastructures to identify and address vulnerabilities.
  • Employee Training: Educating staff about cybersecurity best practices to prevent human errors that could lead to breaches.
  • Access Controls: Implementing strict access controls ensures that only authorised personnel can access sensitive information, reducing the risk of internal threats.

Why Focus on Employee Training?

  • Mitigating Human Error: A significant proportion of data breaches involve human elements, such as falling for phishing scams or mishandling sensitive information. Proper training equips employees with the knowledge to recognise and avoid potential threats.
  • Reducing Financial Impact: Organisations that implement regular cybersecurity training for employees can see substantial cost benefits. For instance, employee training has been shown to reduce the cost of a data breach by an average of $232,867 according to SentinelOne.
  • Enhancing Incident Response: Trained employees are better prepared to detect and respond to security incidents promptly, minimizing potential damage

By prioritising employee training and adopting proactive cybersecurity measures, businesses can significantly reduce the risk of data breaches, protect their reputation, and maintain customer trust.

Looking for information on Advent IM Data Protection Training? Visit our courses here.

Share this Post

© 2025 Advent IM Limited.