Krispy Kreme detected unauthorized IT activity 29 November 2024; disclosed via SEC 8-K 11 December 2024. Online ordering disrupted. Play ransomware gang claimed attack in December; after failed ransom negotiations, released 184 GB of data on dark web leak site 21 December 2024. 161,676 individuals notified of data theft including SSNs, driver’s licences, financial account numbers, credit/debit card numbers with CVVs, passport numbers, biometric data, health insurance information. FBI and CISA have rated Play as one of the most damaging ransomware gangs (900+ attacks).