Starbucks' popular mobile application makes passwords vulnerable to cybercriminals.
The Starbucks app is linked to a Starbucks Card which can be used to buy drinks, foods and other merchandises from the coffeehouse. The card is one of the latest marketing strategies of the company wherein buyers get to earn one star per beverage purchase. Once the owner accumulates 12 stars, he is entitled for a free drink.
However, a report revealed said that the application not only lets customers buy their products hassle-free, it also saves personal details in plain text, which makes it a lot easier for hackers to steal information. To access a user's password, a hacker needs to get hold of the smartphone first. He also needs to have a handy computer and knowledge on how to access the file.
The password would grant the hacker key to the user's balance in his Starbucks account.
The issue, which was first revealed by the security researcher Daniel Wood in an online posting, started when he tried to see if his information in the app was secure. However, the app failed him.
"The application is storing the users' information -- everything from your full name to your address to your username and password as well as your email address," Woods told CNN.
Starbucks spokeswoman Linda Mills conceded that the allegations are true. However, she said that is very improbable to occur.
Along with Mills, another spokesperson for Starbucks, Jim Olson, said that there have been no reports of hacking yet.
"Obviously the security of our customers' information is of the utmost importance to Starbucks and we're monitoring for any risks and vulnerabilities," Olson told CNN.
He also assured its users that the American global coffee company and coffeehouse chain is "always evolving and enhancing our systems to ensure that our systems our secure.
Starbucks is the largest coffeehouse chain with over 20,000 stores in 62 countries. About 64 percent of the stores are located in the U.S.