NY AG James Sues Dunkin' For Neglecting User Cybersecurity

By Ryan Boysen (September 26, 2019, 5:53 PM EDT) -- New York's attorney general has hit Dunkin' Donuts with a lawsuit for failing to protect customers from cyber attacks, alleging the coffee chain barely acted in response to two data breaches in 2015 and 2018 that together compromised more than 300,000 customer accounts.

In a 26-page complaint filed Thursday, New York AG Letitia James said both incidents underscored Dunkin' Brands Inc.'s haphazard approach to enforcing cybersecurity. The coffee chain's actions, or lack thereof, violated not only its internal cybersecurity policies but New York data breach notification and consumer protection laws as well, James said. 

"Dunkin' failed to protect the security of its...

Stay ahead of the curve

In the legal profession, information is the key to success. You have to know what’s happening with clients, competitors, practice areas, and industries. Law360 provides the intelligence you need to remain an expert and beat the competition.

  • Access to case data within articles (numbers, filings, courts, nature of suit, and more.)
  • Access to attached documents such as briefs, petitions, complaints, decisions, motions, etc.
  • Create custom alerts for specific article and case topics and so much more!


Hello! I'm Law360's automated support bot.

How can I help you today?

For example, you can type:
  • I forgot my password
  • I took a free trial but didn't get a verification email
  • How do I sign up for a newsletter?
Ask a question!