Krispy Kreme's $1.6 million data breach settlement deadline nears

Scott Olson / Getty Images

Krispy Kreme agreed to a $1.6 million settlement over a Nov. 2024 data breach that exposed sensitive personal information belonging to roughly 161,000 current and former employees — and the deadline to file a claim is June 22, 2026.

The settlement website says the exposed data included names, dates of birth, Social Security numbers, and financial account details. Krispy Kreme announced the breach in December 2024 and settled the case in March. The company says it did nothing wrong and is not admitting liability.

To qualify, individuals must be U.S. residents who received a notification indicating that their personal data may have been exposed. A flat $75 payment is available to claimants who submit no supporting documentation, though the final figure is subject to change based on overall claim volume. For those who experienced fraud or identity theft as a result of the breach, up to $3,500 in reimbursement is available — provided the claim form is accompanied by supporting evidence such as receipts, correspondence, or phone records.

Claims can be submitted online or by mail. Any claim form sent through the mail needs to carry a postmark no later than June 22, 2026. The settlement administrator can also be reached by phone at 877-239-1879 or by writing to Krispy Kreme Data Incident Settlement Administrator, PO Box 2047, Portland, OR 97208-2047.