Starbucks Will Fix Security Hole In Its App That Could Show People Your Password

Watch out, coffee drinkers. Someone might be able to buy a latte on your dime.

According to a Computerworld report on Tuesday, the Starbucks iPhone app has been storing usernames, email addresses, and passwords in plain text. That means that if you connected someone’s phone to a computer, you’d be able to see that information.

On the heels of security breaches at both Target and Neiman Marcus, you’d think that a company would do all it can to encrypt its data. Or at least fix it once the vulnerabilities were exposed.

Daniel Wood, who initially found the issue, told The Verge that Starbucks hasn’t done much to fix anything, and hasn’t updated its app since May. “Anything they have done on their end won’t matter as the vulnerability lies within the application on end user devices,” he said.

UPDATE: In a statement today, Starbucks said that it will indeed update its app to close this security hole. The company insists, however, that nobody has been specifically affected by the issue. The app update will be ready “soon,” according to the statement.

Business Insider Emails & Alerts

Site highlights each day to your inbox.

Follow Business Insider Australia on Facebook, Twitter, LinkedIn, and Instagram.

Tagged In

retail sai-us