Dunkin’ Data Breach Settlement Paves the Way for More Suits

Dunkin’ Data Breach Settlement Paves the Way for More Suits

Posted September 17, 2020

Dunkin’ Data Breach Settlement Paves the Way for More Suits

  • Under the New York settlement with Dunkin’ Brands, which is the franchiser of 12,900 Dunkin’ outlets and 8,000 Baskin-Robbins stores worldwide, the company must refund money to about 20,000 New York customers affected by a 2015 data breach and also pay $650,000 in fines.
  • The settlement requires Dunkin’ to reset the password on any New York customer cards registered during the affected period and notify customers who are eligible for a refund for any fraudulent activity on their card resulting from the data breach.
  • Dunkin’ must also maintain reasonable safeguards to protect against credential stuffing attacks.

– Doug Olenick | September 17, 2020