Skip to main content
  1. Tech
  2. Gadgets & Tech
  3. Tech Gear

Starbucks iOS app not secure; leaves sensitive user data accessible to hacker

See also

Daniel Wood, a Minneapolis-area computer security specialist, said he was able to break into the Starbucks mobile app file which contained his email address, username, and password. Most importantly, this is the same file where your credit card information is stored.

According to Wood, the application stores customers' personal data in an unencrypted form which is easily accessible by hackers. Earlier this week, Wood posted his findings to a computer security website, where he recommended solutions to this problem.

In addition to being stored in plain text, according to Wood, the file also shows a history of customers' location. Woods explained in his post the specific vulnerability:

Within session.clslog there are multiple instances of the storage of clear-text credentials that can be recovered and leveraged for unauthorized usage of a user’s account on the malicious users’ own device or online at https://www.starbucks.com/account/signin.

In an interview with Computer World, Starbucks CIO Curt Garner and Starbucks Chief Digital officer Adam Brotman admitted to knowing for an "unspecified time" that the personal data was being stored in plain text. Shockingly, Brotman added:

We were aware. That was not something that was news to us.

In a post on Starbucks' official website, Garner said that Starbucks is working on addressing this issue. He writes:

Out of an abundance of caution, we are also working to accelerate the deployment of an update for the app that will add extra layers of protection. We expect this update to be ready soon and will share our progress here

Fortunately, the data is only accessible by obtaining a user's physical iPhone, but once the thief has accessed it once, he can continue to use that information to use the stolen Starbucks account to make purchases at the cafe chain.

What do you think about Starbucks' response to this security flaw? Leave your thoughts in the comments section below.

Stay informed about the latest technology news by subscribing and following me at the top of the page.

Like this article? Don’t forget to share!

Advertisement

Don't Miss

  • Massive
    Ubisoft Massive exclusive: 'The Division', PS4 & Xbox One, Activision to Ubisoft & more
    Camera
    Games Exclusive
  • iPhone
    Get your wallet ready: The next iPhone could cost $100 more than your last one
    Video
    Tech Buzz
  • Civ
    Need to catch up on 'Sid Meier's Civilization'? Here is everything you need to know
    Camera
    Games Feature
  • Google Glass
    See how Google Glass is letting sick kids go to the zoo without leaving the hospital
    Tech News
  • Upcoming
    These are 2014's biggest PS4, Xbox One and Wii U games
    Camera
    Games Feature
  • Google
    Google has filed for a patent to develop contact lenses capable of taking photos
    Video
    Headlines

User login

Log in
Sign in with your email and password. Or reset your password.
Write for us
Interested in becoming an Examiner and sharing your experience and passion? We're always looking for quality writers. Find out more about Examiner.com and apply today!