Hackers have targeted the much loved coffee-giant Starbucks, and if you are a regular customer…you might want to check your account.
Starbucks gifts cards and mobile payments have been compromised by hackers skimming Starbucks accounts, taking usually cleaning out the ‘small’ account balance, which add up to thousands of dollar. A seemingly unexceptional attack, it is so simple and unregulated it has gone almost unnoticed.
Hackers are gaining access to accounts by running the emails/usernames against several different password combinations, which users often simplify by choosing weak passwords. Once inside the criminals can ‘share’ the cards balance with another gift card or transfer it completely to another card. They also have the added bonus of gaining personal information from their victims such as their full address and phone number which then can then resell on the black market.
“$2 billion of processed mobile transactions, nearly 1 in 6 transactions were completed through the Starbucks app.”
Credit cards are also under attacks as Starbucks has reported that of the $2 billion of processed mobile transactions, nearly 1 in 6 transactions were completed through the Starbucks app. This paired with a weak password and direct link to credit card details, can result in hundreds of dollars stolen within a matter of moments due to the ‘auto top-up’ function of the cards creating an almost endless supply of money that can be withdrawn again and again, with the victim none the wiser.
If you have a Starbucks app then we strongly recommend that you immediately change your password to something a bit more hard-core, numbers and symbols, and plenty of them! (No more 123456). Also, if you have the ‘top up’ feature active disable it now, at least until Starbucks make their app more secure.