I had held off reporting a scam involving Starbucks mobile app, and I’m glad I did, because Starbucks says there’s been no compromise of their app or system. In a statement on their site, they write:
Starbucks takes the obligation to protect customers’ information seriously. News reports that the Starbucks mobile app has been hacked are false.
Like all major retailers, the company has safeguards in place to constantly monitor for fraudulent activity and works closely with financial institutions. To protect the integrity of these security measures, Starbucks will not disclose specific details but can assure customers their security is incredibly important and all concerns related to customer security are taken seriously.
Occasionally, Starbucks receives reports from customers of unauthorized activity on their online account. This is primarily caused when criminals obtain reused names and passwords from other sites and attempt to apply that information to Starbucks. To protect their security, customers are encouraged to use different user names and passwords for different sites, especially those that keep financial information.
If a customer believes their account has been subject to fraudulent activity, they are encouraged to contact both Starbucks and their financial institution immediately. Customers are not responsible for charges or transfers they did not make. If a customer’s Starbucks Card is registered, their account balance is protected.
For additional security, Starbucks encourages customers to employ several best practices to ensure information is as protected as possible, such as:
Passwords
Creating passwords made up of long phrases or sentences that mix capital and lowercase letters, numbers, and symbols.
Using different passwords for different sites, especially those that keep financial information.
Changing passwords often.
Lost or Stolen Device
If a customer believes their device has been lost or stolen, immediately change passwords for financial and personal accounts to prevent any identity theft or fraud.
Stay Alert
Regularly review bank statements for suspicious activity. If something is in error, immediately report that to your financial institution.
If you see any suspicious activity on your Starbucks Card or mobile app, please immediately notify Starbucks customer service at 1-800-STARBUC.
Of course, customers who have been burned and the media have now associated the problem with Starbucks and Starbucks’ infosecurity. So are they getting bad press and a bad rep for something that is the customers’ responsibility (not re-using login credentials)? Or could one argue that in this day and age, when so many login credentials have been stolen, Starbucks and every other firm should have stronger authentication or defenses against this type of thing?
If buying a cup of coffee leaves a bad taste in your mouth because of this type of problem, will you be so quick to buy the next one?