According to Starbucks, more than 15 percent of all its transactions take place on its smartphone app, which boasts an impressive 13 million mobile users in the U.S.
So you can imagine the company's and customers' dismay when reports of hacking began to surface Wednesday.
According to cybersecurity journalist Bob Sullivan, "Criminals are hijacking consumers' coffee accounts, draining the stored value of their cards, and then using Starbucks' auto-reload function to hack consumers' associated debit and credit cards."
Sullivan tells the story of one customer who lost $75 in seven minutes when a thief put the remaining balance from her Starbucks card on a gift card and then changed the auto-reload function to take out more money.
"Any third-party money system that exists is vulnerable to this. Auto-reload, for the most part, just isn't ready for prime time," Bob Sullivan said.
Sullivan doesn't say whether the app itself has been compromised or if the thefts are isolated incidents.
But Starbucks says its app is just fine. The coffee company urges users to be more careful with their money and login information.
In a statement, Starbucks wrote: "Criminals obtain reused names and passwords from other sites and attempt to apply that information to Starbucks. To protect their security, customers are encouraged to use different user names and passwords for different sites."
Sullivan admits it is unknown how widespread this problem is.
About the Author
