Changing your username and password often is always a good idea, as is making sure you’re not using the same password over and over again on every app and website. But if you use DD Perks, the Dunkin’ Donuts app, now would be a good time to give yourself a security refresh.
The company has announced that last month it detected a wave of fraudulent log-in attempts on the app from hackers that somehow obtained customers’ usernames and passwords, which Dunkin’ blames on “other companies’ security breaches.”
“Our security vendor was successful in stopping most of these attempts, but it is possible that these third-parties may have succeeded in logging in to your DD Perks account if you used your DD Perks username and password for accounts unrelated to Dunkin’,” the company’s customer relations team says in a statement.
Dunkin’ says it discovered the fraudulent log-ins on October 31.
Hackers who obtained your username and password may also now know your first and last name, email address, 16-digit DD Perks account number, and affiliated QR codes.
DD Perks app users have already been made to reset their passwords before logging back in, Dunkin’ says. The company conducted an internal investigation, and has now alerted police. It is also supplying new account numbers to customers and says if you had value stored in the app, you’ll be able to keep it.
“As always, we strongly recommend that our guests create unique passwords for their DD Perks accounts, and do not reuse passwords used for their other unrelated online accounts,” Dunkin’ says.
Not bad advice.
Source URL: https://www.bostonmagazine.com/news/2018/11/29/dunkin-donuts-app-hacked/
Copyright ©2019 Boston Magazine unless otherwise noted.