Researcher claims Starbucks mobile app got hacked, credit card data stolen

Summary: Earlier this week Bob Sullivan reported that hackers can easily access Starbucks customer accounts by stealing their username and passwords and naturally Starbucks app users panicked — Starbucks in its official statement denied the allegations of any sort of security breach.

An independent tech reporter Bob Sullivan shocked the users of Starbucks app by reporting that there are potentially exploitable vulnerabilities in Starbucks cards. These vulnerabilities can help hackers in stealing money through linked credit cards. However, the coffee chain released an official statement in which all such allegations were categorically rejected by the firm.


According to Starbucks:

Starbucks takes the obligation to protect customers’ information seriously. News reports that the Starbucks mobile app has been hacked are false.

Like all major retailers, the company has safeguards in place to constantly monitor for fraudulent activity and works closely with financial institutions. To protect the integrity of these security measures, Starbucks will not disclose specific details but can assure customers their security is incredibly important and all concerns related to customer security are taken seriously.

Tech skeptic Sullivan nevertheless stood by his story and says that the statement from Starbucks is “not new, and a bit of a straw man argument. Their app hasn’t been hacked, per se, they can say, but criminals are using their app/gift cards to access consumers’ credit and debit cards.”

”Starbucks can say the app isn’t hacked but fact is that hackers are using their app/gift cards to access consumers’ credit and debit cards.”

Maria Nistri, 48, was a victim this week. Criminals stole the Orlando women’s $34.77 in value she had loaded onto her Starbucks app, then another $25 after it was auto-loaded into her card because her balance hit 0.  Then, the criminals upped the ante, changing her auto reload amount to $75 and stealing that amount, too. All within 7 minutes, according to Sullivan’s report.


Sullivan alleges that hackers can easily access some customer accounts of Starbucks app users and use their User ID and passwords for stealing money. If the hackers somehow gain access to any such account that is linked with a credit card, they can alter the email log-in and transfer the available balance to a new Starbucks card, wait for the card to load balance and then repeat the process.

“Hackers target Starbucks mobile users, steal from linked credit cards without knowing account number”

Starbucks card is just like reloadable gift cards through which users can link their bank accounts with a credit card in order to automatically load when the balance in their card is low. Starbucks allows its customers to transfer balance easily between various Starbucks cards and this facility can be utilized by hackers as they can load-up their personal accounts before selling the souped-up Starbucks cards on the black market.

Starbucks representative said that no such breach of their system has happened and neither has the Starbucks app been hacked.

Are you a Starbucks fan? Do you use their mobile app? Would you care to share you experience about this report? 

Bob Sullivan
Related Posts