Dunkin’ Donuts is being sued by New York. Here’s why.

ALBANI — Dunkin’ Donuts failed to notify thousands of customers of a breach in their accounts in 2015, resulting in the theft of tens of thousands of dollars in gift cards, according to New York Attorney General Letitia James.

James filed a lawsuit Thursday accusing Dunkin’ Brands Inc. , the franchisor of the famous cake and coffee chain, has failed to properly protect its customers’ accounts, which stores money from “DD” cards that can be used to purchase merchandise in stores.

The lawsuit, filed with the state Supreme Court in Manhattan, alleges that Duncan never notified customers of the 2015 breach, even after withdrawing funds from their accounts.

The hack affected at least 19,175 accounts in a single five-day period, with James’s office indicating that it may have infected thousands of other accounts that the company was not aware of.

“Dunkin’ has failed to protect the security of its customers,” James said in a statement. “Instead of notifying the tens of thousands affected by these cybersecurity breaches, Duncan sat idly by, putting customers at risk.”

A customer walks out of a Dunkin' Donuts store in Midtown Manhattan on July 11, 2011 in New York City.

Duncan denies violating New York law

In a statement, Duncan vehemently denied any wrongdoing, saying there was “absolutely no basis” for James’ allegation.

The company said it had fully cooperated with the attorney general’s office’s investigation and was “shocked and disappointed” that the state had moved forward with the lawsuit.

“There is absolutely no basis for these allegations by the New York Attorney General’s Office. For over two years, we have fully cooperated with the AG’s investigation into this matter, and we are shocked and disappointed that they chose to proceed with this lawsuit due to the lack of merit in their case.

Leave a Comment

Your email address will not be published.