starbucksappStarbucks has admitted that its mobile payment app for iPhone does not encrypt user passwords and location data, instead storing it in a clear text format, according to a report from Computerworld.

The credentials were stored in such a way that anyone with access to the phone can see the passwords and usernames by connecting the phone to a PC. No jailbreaking of the phone is necessary. And that clear text also displays an extensive list of geolocation tracking points (latitude, longitude), a treasure trove of security and privacy gems for anyone who steals the phone.

The vulnerability was first discovered by security researcher Daniel Wood, who published his findings online for the security community after repeatedly not having success when attempting to contact Starbucks.

The coffee company tells Computerworld that it has "security measures in place now related to that". However, Wood tells The Verge that anything Starbucks does on its end "would not matter" because the vulnerability lies within the app itself.

Potential criminals would still need to physically have the phone to attain any user information, and the only information available would be user names, passwords and location data, but users of the app who had the "auto replenish" feature on would enable criminals to continually add money to the app to make Starbucks purchases.

Update: Starbucks has issued a statement acknowledging the issue and promising an expedited updated for the company's iOS app.

We’d like to be clear: there is no indication that any customer has been impacted by this or that any information has been compromised. Regardless, we take these types of concerns seriously and have added several safeguards to protect the information you share with us. To protect the integrity of these added measures, we are unable to share technical details but can assure you that they sufficiently address the concerns raised in the research report.

Out of an abundance of caution, we are also working to accelerate the deployment of an update for the app that will add extra layers of protection. We expect this update to be ready soon and will share our progress here. While we are working on the update, we would like to emphasize that your information is protected and that you should continue to feel confident about the integrity of our iOS app.

Tag: Starbucks

Top Rated Comments

Chupa Chupa Avatar
Chupa Chupa
155 months ago
Glad I don't have a Starbucks app in my country. Good luck cleaning that up, Starbucks.
Why because you hate convenience and free drinks and discounts?

With all the insecurity in computer systems these days (Target, Neimans) the Starbucks app is really only a distraction. Someone would have to have physical access to your phone or backup file to get the UID and PW. And even then you are talking about credit for coffees. What's the downside here - $20.

----------

Do hipsters still hang out at Starbucks? I thought it would be regular Joe Schmuck-people.
No, the Joe Schmuck people hang out on MR and spend their day generalizing and being snarky and condescending about people they don't even know.;)
Score: 7 Votes (Like | Disagree)
alent1234 Avatar
alent1234
155 months ago
The coffee is so bad, there is always a line of people waiting to buy it
Score: 6 Votes (Like | Disagree)
flash84x Avatar
flash84x
155 months ago
Really? It's not that hard to use the keychain which is built into iOS. Every competent iOS developer knows this.
Score: 6 Votes (Like | Disagree)
Chupa Chupa Avatar
Chupa Chupa
155 months ago
Personally, I hate going anywhere where asking for "a cup of coffee" produces a blank look...
That's a lot of places though. I mean "cup of coffee" is quite ambiguous & generic. Unless you are at a sit down restaurant or cafe, most coffee shops have multiple sizes.



Average Joe Schmuck was a bad word from my side early in the morning, it's called Jane/John Doe. Or "Svenssons" as we say here in Sweden. The regular average person.

Which was my impression of Starbucks when I was over there. Extremely bad coffe to a slightly premium price for the average consumer that doesn't care.
Yes, "Jane/Jone Doe" has quite a different connotation than "Joe Schumuck." The former is accepted slang for the average person. The latter, of course, is, meant to be offensive; from the yiddish translation, a "d!ck."

Coffee, like people, comes in all different tastes and strengths. Yes, Starbucks has some awful blends, but they have some tasty ones too. I can say the same about the offerings of lots of restaurants. Can't you?

But, honestly the big draw to Starbucks coffee over other coffee shops is not that it's a gourmet delicacy. People buy the drip because its extra caffeinated. If you need your morning caffeine bump that's the place to go. Also Starbucks has a variety of espresso drinks that most shops don't have or are not convenient. Finally, it's a comfortable (usually) place to meet for a casual cup. People like to jab Starbucks the same way they jab Apple. Sometimes its deserved, but most times its just petty, baseless & spiteful.
Score: 4 Votes (Like | Disagree)
Elijen Avatar
Elijen
155 months ago
Terrible coffee, terrible app. What did you expect?
Score: 3 Votes (Like | Disagree)
pnoyblazed Avatar
pnoyblazed
155 months ago
does that mean this app will finally get iOS7 support?
Score: 3 Votes (Like | Disagree)
Read All Comments

Popular Stories

iOS 26

15 New Things Your iPhone Can Do in iOS 26.2

Friday December 5, 2025 9:40 am PST by
Apple is about to release iOS 26.2, the second major point update for iPhones since iOS 26 was rolled out in September, and there are at least 15 notable changes and improvements worth checking out. We've rounded them up below. Apple is expected to roll out iOS 26.2 to compatible devices sometime between December 8 and December 16. When the update drops, you can check Apple's servers for the ...
Read Full Article51 comments
Intel Inside iPhone Feature

Apple's Return to Intel Rumored to Extend to iPhone

Friday December 5, 2025 10:08 am PST by
Intel is expected to begin supplying some Mac and iPad chips in a few years, and the latest rumor claims the partnership might extend to the iPhone. In a research note with investment firm GF Securities this week, obtained by MacRumors, analyst Jeff Pu said he and his colleagues "now expect" Intel to reach a supply deal with Apple for at least some non-pro iPhone chips starting in 2028....
Read Full Article152 comments
iPhone 14 Pro Dynamic Island

iPhone 18 Pro Leak Adds New Evidence for Under-Display Face ID

Monday December 8, 2025 4:54 am PST by
Apple is actively testing under-screen Face ID for next year's iPhone 18 Pro models using a special "spliced micro-transparent glass" window built into the display, claims a Chinese leaker. According to "Smart Pikachu," a Weibo account that has previously shared accurate supply-chain details on Chinese Android hardware, Apple is testing the special glass as a way to let the TrueDepth...
Read Full Article74 comments
iOS 26

Apple Seeds Second iOS 26.2 Release Candidate to Developers and Public Beta Testers

Monday December 8, 2025 10:18 am PST by
Apple today seeded the second release candidate version of iOS 26.2 to developers and public beta testers, with the software coming one week after Apple seeded the first RC. The release candidate represents the final version iOS 26.2 that will be provided to the public if no further bugs are found. Registered developers and public beta testers can download the betas from the Settings app on...
Read Full Article50 comments
iPhone 17 Pro Cosmic Orange

10 Reasons to Wait for Next Year's iPhone 18 Pro

Monday December 1, 2025 2:40 am PST by
Apple's iPhone development roadmap runs several years into the future and the company is continually working with suppliers on several successive iPhone models at the same time, which is why we often get rumored features months ahead of launch. The iPhone 18 series is no different, and we already have a good idea of what to expect for the iPhone 18 Pro and iPhone 18 Pro Max. One thing worth...
Read Full Article107 comments
Johny Srouji

Apple's Chipmaking Chief Johny Srouji Responds to Report About Him Potentially Leaving

Monday December 8, 2025 9:23 am PST by
Apple's chipmaking chief Johny Srouji has reportedly indicated that he plans to continue working for the company for the foreseeable future. "I love my team, and I love my job at Apple, and I don't plan on leaving anytime soon," said Srouji, in a memo obtained by Bloomberg's Mark Gurman. Here is Srouji's full memo, as shared by Bloomberg:I know you've been reading all kind of rumors and...
Read Full Article89 comments
Johny Srouji

Apple Chip Chief Johny Srouji Could Be Next to Go as Exodus Continues

Sunday December 7, 2025 10:41 am PST by
Apple's senior vice president of hardware technologies Johny Srouji could be the next leading executive to leave the company amid an alarming exodus of leading employees, Bloomberg's Mark Gurman reports. Srouji apparently recently told CEO Tim Cook that he is "seriously considering leaving" in the near future. He intends to join another company if he departs. Srouji leads Apple's chip design ...
Read Full Article382 comments
top stories 2025 12 04a

Top Stories: iOS 26.2 Coming Soon, Apple Execs Depart, and More

Saturday December 6, 2025 6:00 am PST by
You'd expect things to be starting to wind down for the holidays by now, but that doesn't seem to be the case yet in the world of Apple news, with Apple just about ready to release iOS 26.2 and other operating system updates to the public. There was also a flurry of news this week about Apple executive departures, some expected and some not so expected, while we also learned that Apple and...
Read Full Article8 comments
maxresdefault

iPhone Fold: Launch, Pricing, and What to Expect From Apple's Foldable

Monday December 1, 2025 3:00 am PST by
Apple is expected to launch a new foldable iPhone next year, based on multiple rumors and credible sources. The long-awaited device has been rumored for years now, but signs increasingly suggest that 2026 could indeed be the year that Apple releases its first foldable device. Subscribe to the MacRumors YouTube channel for more videos. Below, we've collated an updated set of key details that ...
Read Full Article56 comments
Apple Fitness Plus expansion hero

Apple Fitness+ Coming to 28 New Regions With Digital Voice Dubbing

Monday December 8, 2025 6:19 am PST by
Apple today announced that Fitness+ is expanding to 28 new markets on December 15 in the service's largest international rollout since launch, accompanied by new language dubbing and a K-Pop music genre. Apple Fitness+ will become available in Chile, Hong Kong, India, the Netherlands, Singapore, Taiwan, and additional regions on December 15, with Japan scheduled to follow early next year....
Read Full Article47 comments