October 30, 2014
People who use the Starbucks mobile app should be on alert, according to a research report that says the app leaves customers' passwords open to attack.
The popular app allows Starbucks customers to purchase drinks and food directly from their smartphones. It saves usernames, passwords and other personal information in plain text.
That means a hacker could pick up a left-behind phone, plug it into a laptop and easily recover a Starbucks customer's password without even knowing the smartphone's pin code.
Starbucks officials acknowledge the vulnerability, but say no customers have claimed to have been hacked as a result.