Starbucks Will Fix Security Hole In Its App That Could Show People Your Password

Watch out, coffee drinkers. Someone might be able to buy a latte on your dime.

According to a Computerworld report on Tuesday, the Starbucks iPhone app has been storing usernames, email addresses, and passwords in plain text. That means that if you connected someone’s phone to a computer, you’d be able to see that information.

On the heels of security breaches at both Target and Neiman Marcus, you’d think that a company would do all it can to encrypt its data. Or at least fix it once the vulnerabilities were exposed.

Daniel Wood, who initially found the issue, told The Verge that Starbucks hasn’t done much to fix anything, and hasn’t updated its app since May. “Anything they have done on their end won’t matter as the vulnerability lies within the application on end user devices,” he said.

UPDATE: In a statement today, Starbucks said that it will indeed update its app to close this security hole. The company insists, however, that nobody has been specifically affected by the issue. The app update will be ready “soon,” according to the statement.

NOW WATCH: Tech Insider videos

Want to read a more in-depth view on the trends influencing Australian business and the global economy? BI / Research is designed to help executives and industry leaders understand the major challenges and opportunities for industry, technology, strategy and the economy in the future. Sign up for free at

Tagged In

retail sai-us