informa
Quick Hits

Dunkin' Donuts Serves Up Data Breach Alert

Forces potentially affected DD Perks customers to reset their passwords after learning of unauthorized access to their personal data.

Dunkin' Donuts has alerted DD Perks account holders to a security incident after learning an unauthorized party accessed some of their usernames and passwords, NBC News reports.

DD Perks is a rewards program that lets Dunkin' customers purchase food and beverages for pickup and receive free drinks via rewards points and on their birthdays. On Oct. 31, a security vendor detected a third party accessing users' accounts. It believes these actors stole usernames and passwords from other companies and used them to attempt DD Perks logins.

Information exposed varies from user to user, depending on what was in their accounts. Dunkin' reports third parties may have been able to access first and last names, email addresses (which are used as usernames), the 16-digit DD Perks account numbers, and DD Perks QR codes.

Dunkin' reports its security vendor successfully blocked most of the attempted logins, but it is possible some accounts were accessed. It has launched an internal investigation and forced all potentially affected DD Perks users to reset their passwords and log back in with new ones. It has also taken steps to replace any stored DD Perks cards with new account numbers while retaining the cards' values. Law enforcement is helping identify the parties responsible.

Users are advised to create unique passwords for their DD Perks accounts, as well as all online accounts, and to never use the same password twice.

Read more details here.

BHEURUOPE2018-vplug_Web_Banners_468x60_Sponsor.png

 

 

 

Black Hat Europe returns to London Dec 3-6 2018  with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions and service providers in the Business Hall. Click for information on the conference and to register.

Recommended Reading:

MODULE B: Latest content for DR

High-Profile Breaches Are Shifting Enterprise Security Strategy

Increased media attention is driving changes in enterprise security strategy -- some positive, some negative.

Increased media attention is driving changes in enterprise security strategy -- some positive, some negative.


7 Smart Ways a Security Team Can Win Stakeholder Trust

By demonstrating the following behaviors, security teams can more effectively move their initiatives forward.

By demonstrating the following behaviors, security teams can more effectively move their initiatives forward.



What Are Some Red Flags in a Vendor Security Assessment?

The last thing you want is a vendor that lies to you about its security practices.

The last thing you want is a vendor that lies to you about its security practices.


MacOS Security: What Security Teams Should Know

As more macOS patches emerge and cybercriminals and nation-states take aim at the platform, experts discuss how macOS security has evolved and how businesses can protect employees.

As more macOS patches emerge and cybercriminals and nation-states take aim at the platform, experts discuss how macOS security has evolved and how businesses can protect employees.


Loss of Intellectual Property, Customer Data Pose Greatest Business Risks

The slightly "good" news? Security professionals are a little less concerned about certain threats than last year, according to Dark Reading's "State of Incident Response 2021" report.

The slightly "good" news? Security professionals are a little less concerned about certain threats than last year, according to Dark Reading's "State of Incident Response 2021" report.


Name That Edge Toon: Mobile Monoliths

Feeling creative? Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.

Feeling creative? Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.

Oct 04, 2021


Why Windows Print Spooler Remains a Big Attack Target

Despite countless vulnerabilities and exploits, the legacy Windows printing process service continues to be an attack surface in constant need of repair and maintenance, security experts say.

Despite countless vulnerabilities and exploits, the legacy Windows printing process service continues to be an attack surface in constant need of repair and maintenance, security experts say.


10 Recent Examples of How Insider Threats Can Cause Big Breaches and Damage

Theft of intellectual property, sabotage, exposure of sensitive data and more were caused by malicious behavior and negligence at these organizations

Theft of intellectual property, sabotage, exposure of sensitive data and more were caused by malicious behavior and negligence at these organizations