Krispy Kreme Agrees to $1.6M Settlement After Employee Data Breach

If you currently work or previously worked at Krispy Kreme, you might be owed money. The donut chain just agreed to a $1.6 million settlement to resolve a class action lawsuit over a data breach that happened in November 2024.

The breach allegedly exposed the personal information of over 161,000 current and former employees — and we're not talking about just names and emails. The lawsuit claims the exposed data included Social Security numbers, driver's license details, dates of birth, financial account information, health and insurance records, biometric data, passport numbers, and more.

That's about as bad as a data breach gets.

What Happened

In November 2024, Krispy Kreme was hit by a cyberattack that compromised employee data. The class action lawsuit, filed in June 2025 in North Carolina federal court, alleged that Krispy Kreme failed to implement adequate security measures to protect its workers' sensitive information.

Krispy Kreme hasn't admitted any wrongdoing, but the company agreed to the settlement. The fallout from the breach hit their bottom line too — Krispy Kreme confirmed that revenues dropped by more than 10% following the incident.

What You Could Get

There are two payout options, but you can only pick one:

Option 1: Up to $3,500 in reimbursement if you have documented losses from the breach. That covers things like identity theft, fraud, or out-of-pocket costs you can tie back to the incident. You'll need to submit documentation — receipts, phone records, emails, or correspondence showing what happened.

Option 2: A flat cash payment of roughly $75 with no documentation required. If you were affected but don't have specific losses to prove, this is the simpler route.

Both amounts could go up or down depending on how many people file claims.

On top of either option, every eligible class member automatically gets one year of credit monitoring with $1 million in identity theft insurance — no claim form needed for that part.

Who Qualifies

The settlement covers all U.S. residents whose personal information was impacted by the Krispy Kreme data breach. Court documents indicate that's 161,676 current and former employees.

Why This Matters

Data breaches in the food industry have been surging. The Identity Theft Resource Center reports that data compromises have increased 79% over the past five years, with the trend showing no signs of slowing down. For workers in food service — where employers hold sensitive personal and financial data — that's a growing risk that most people don't think about until it's too late.

If you worked at Krispy Kreme and haven't heard from them about this, it's worth checking. And if you were affected, filing a claim takes just a few minutes. Don't leave money on the table.

Download ClassyAction to track this settlement and get notified when your payment is ready.