“We’re experiencing certain operational disruptions due to a cybersecurity incident, including with online ordering in parts of the United States,” reads a message on the Krispy Kreme website.
“We know this is an inconvenience and are working diligently to resolve the issue.”
The firm told the BBC in a statement it “immediately” took steps to investigate and contain the incident, and has brought in cybersecurity experts.
“We, along with them, continue to work diligently to respond to and mitigate the impact from the incident, including the restoration of online ordering,” it said.
No groups have publicly taken responsibility for the hack.
Krispy Kreme is a large chain in the US, which has more than 1,400 shops worldwide.
In the UK it is smaller, but its 120 locations make it the largest speciality doughnut retailer in the country.
Krispy Kreme stated in its SEC filing that it has cybersecurity insurance, which it expects “to offset a portion of the costs”.
It said it expected these costs to arise from a loss of digital sales, fees for the experts it has hired, and the restoration of…