Several Starbucks customers have lost hundreds of dollars due to an alleged hacking of their Starbucks account. The customers have said that they have received mails stating that the passwords for Starbuck’s mobile app login have been reset. This means, they allege that someone has been able to gain access to their accounts and have changed the login credentials.
The application for Starbucks accounts enables its clients to pay for the food and the coffee and store money on their reward cards. The money on the reward cards can be transferred from the customers’ credit or debit cards and this requires storing the information of their credit and debit cards with the company. It also requires them to store their other personal information such as their date of birth and address.
A hacker how gets access to these details can use them to not only steal the money from the customers’ Starbucks accounts but also use these details elsewhere. Starbucks allows that money can be transferred from reward card to another gift card. Hackers can use this to their advantage and transfer the available balance from one card to another. Also, the company allows transfer of money from several cards to a single card. These options make it easier for hackers to steal the money by transferring it to specific reward cards and then sell them at a lower price.
The app also has a feature of auto top-up where the balance, when it falls below a specific level is auto debited from the customers’ debit or credit cards and credited to their reward cards. This ensures that there is always sufficient balance of their reward cards. Hackers have successfully exploited this feature and have been stealing money.
Starbucks have stated that they are unaware of any such incidents and that the information pertaining to their clients is secure.