Dunkin Donuts has alerted their “Perks” members of a need to reset their account passwords

http://www.darkreading.com/threat-intelligence/dunkin-donuts-serves-up-data-breach-alert/d/d-id/1333367

Dunkin’ Donuts has alerted DD Perks account holders to a security incident after learning an unauthorized party accessed some of their usernames and passwords, NBC News reports. DD Perks is a rewards program that lets Dunkin’ customers purchase food and beverages for pickup and receive free drinks via rewards points and on their birthdays. On Oct. 31, a security vendor detected a third party accessing users’ accounts. It believes these actors stole usernames and passwords from other companies and used them to attempt DD Perks logins.

Information exposed varies from user to user, depending on what was in their accounts. Dunkin’ reports third parties may have been able to access first and last names, email addresses (which are used as usernames), the 16-digit DD Perks account numbers, and DD Perks QR codes.