Dunkin' Donuts is warning customers in its DD Perks program of a hack after the company learned that an outside source gained access to some account holders usernames and passwords.
The restaurant chain issued a statement saying that the hackers may have been able to access private information such as customers' first and last names, email addresses, their DD Perks account number and DD Perks QR codes.
Dunkin' Donuts said it was made aware of the incident on Oct. 31 by one of their security vendors. They did not say how many accounts were involved and did not immediately return a request for comment.
The hackers used the usernames and passwords to gain access to other online accounts, the company said, adding that its security vendor stopped most of these unauthorized attempts.
The company said it alerted DD Perks program holders who may have been affected and forced a password reset. It also encouraged customers to use "unique passwords" and not to reuse their DD Perks passwords for other online accounts.
The retailer said it launched an internal investigation into the issue, but said its internal system "did not experience a data security breach." Dunkin' Donuts said the hackers were able to gain access to the information through security breaches at other organizations.
DD Perks is a mobile app rewards program that allows customers to skip lines with On-the-Go ordering and earn free beverages through points and on their birthday.