- Krispy Kreme said in an SEC filing that it's navigating a cybersecurity incident.
- The company is experiencing operational disruptions, including with online orders in the US.
- Krispy Kreme said the related costs will likely impact its "financial condition."
Krispy Kreme said hackers had disrupted operations, including online ordering in certain parts of the United States.
In an SEC filing on Wednesday, Krispy Kreme said it learned of "unauthorized activity on a portion of its information technology systems" in November. Customers can still place orders in person without issue.
Krispy Kreme said the incident has affected — and will likely continue to affect — its business operations until recovery efforts are "complete."
"The expected costs related to the incident, including the loss of revenues from digital sales during the recovery period, fees for our cybersecurity experts and other advisors, and costs to restore any impacted systems, are reasonably likely to have a material impact on the Company's results of operations and financial condition," the filing said.
The company said it is working to address the cybersecurity incident in a statement to Business Insider.
"Upon detecting the unauthorized activity, we immediately began taking steps to investigate, contain, and remediate the incident with the assistance of leading cybersecurity experts and other advisors," the statement said. "We, along with them, continue to work diligently to respond to and mitigate the impact from the incident, including the restoration of online ordering. Our fresh doughnuts are available in our shops as always!"
Krispy Kreme notified federal law enforcement and said an investigation is ongoing.