Customers using the Starbucks payment app on their mobiles are reportedly being hacked, but the Seattle-based firm was quick to put rumors of a security breach to rest.
Cyber criminals reportedly gained access into consumers’ coffee accounts, drained the accounts, and then used the Starbucks’ auto-reload function to steal money from the consumers’ associated debit and credit cards.
Starbucks was quick to issue a news release stating that its own systems had not been breached.
Starbucks puts rumors of a security breach to rest
The Seattle-based coffee chain said on Wednesday that rumors of a security breach are false, adding that compromised accounts are primarily the result of using weak passwords.
In the statement the company said:
“Starbucks takes the obligation to protect customers’ information seriously. News reports that the Starbucks mobile app has been hacked are false.
“Like all major retailers, the company has safeguards in place to constantly monitor for fraudulent activity and works closely with financial institutions. To protect the integrity of these security measures, Starbucks will not disclose specific details but can assure customers their security is incredibly important and all concerns related to customer security are taken seriously.”
“Occasionally, Starbucks receives reports from customers of unauthorized activity on their online account. This is primarily caused when criminals obtain reused names and passwords from other sites and attempt to apply that information to Starbucks. To protect their security, customers are encouraged to use different user names and passwords for different sites, especially those that keep financial information.”
The Starbucks mobile payment app has almost 12 million active monthly users. The company suggested that users create long or complex passwords and change passwords often to protect their information.