Starbucks Admits to Storing Passwords in Plaintext

Original Starbucks in Seattle

The original Starbucks in Seattle, Wa.
Deymos Photo / Shutterstock.com

The Starbucks mobile app is the most popular mobile payment app in the United States. Users can load money onto their Starbucks app, and every time they buy drinks or food they earn stars which gets them free coffee. On Thursday, Starbucks confirmed that they store passwords and other user information in plaintext.

This user information, which includes passwords, usernames, email address,  and location – was unencrypted. This makes it easy to access by anyone who plugs the handset into a PC, according to a report detailing the vulnerability.

The report stated that passwords are stored this way in order to make it easier for users to purchase. Users only need to enter their password and username once, and then can make purchases without putting in anymore information. However, I’m sure users would rather have a little more difficulty making purchases and know that their data is safe.

“We take these types of concerns seriously and have added several safeguards to protect the information you share with us,” Garner added. He also revealed Starbucks is working on an update to the app that will “add extra layers of protection.”

Information on users payment information is not available – however, thieves may be able to use the information to make purchases on other people’s Starbucks accounts.

Advertisements

About DevonJ140
I am currently an Accounting Director living in New York City. I love reading and learning more about business, finance, tech, and current events.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: