Starbucks Releases Security Fix for Payment App

What's Hot


How to Cut the Cable TV Cord in 2017Family

8 Major Freebies and Discounts You Get With Amazon PrimeSave

8 Creative Ways to Clear ClutterAround The House

Study: People Who Curse Are More HonestFamily

This Free Software Brings Old Laptops Back to LifeMore

Pay $2 and Get Unlimited Wendy’s Frosty Treats in 2017Family

The 3 Golden Rules of Lending to Friends and FamilyBorrow

6 Reasons Why Savers Are Sexier Than SpendersCredit & Debt

Resolutions 2017: Save More Money Using 5 Simple TricksCredit & Debt

Porta-Potties for Presidential Inauguration Cause a StinkFamily

Protecting Trump Will Cost Taxpayers $35 MillionFamily

Tax Hacks 2017: Don’t Miss These 16 Often-Overlooked Tax BreaksTaxes

5 New Year’s Resolutions That Will Pay Off 10 Years From NowCollege

10 Simple Money Moves to Make Before the New YearFamily

In exchange for convenience, an earlier version of the app made an iPhone owner's Starbucks account information easily available to anyone who stole the phone.

Rest easy, Starbucks iOS mobile payment users: Download the company’s new app and your password and confidential account information will be safe.

Starbucks spokesperson Maggie Jantzen wrote in response to our earlier story about the security concerns that arose about the app. Jantzen tells us the company fixed the app, which previously had stored user names, passwords, GPS locations and other confidential customer information in an insecure clear text format.

Customers are urged to download the updated app for what Jantzen says is an “extra layer of protection.”

In addition, Jantzen directed us to an official Starbucks statement by the company’s chief information officer, Curt Garner, which says, in part:

1. We have no indication that any customer has been impacted by this or that any information has been compromised

2. Last week we added safeguards to protect against the theoretical vulnerabilities raised by [security researcher] Daniel Wood.

3. [We] released an update for the app that will add extra layers of protection, and are encouraging customers to download it as an additional safeguard.

The previous version of the app would allow anyone to plug the phone into a computer for just a few seconds and access sensitive information about the account holder and his or her location history, reports NBC News. The app would also have allowed unauthorized users to make purchases.

Wood, who originally uncovered the security misstep, tells Computerworld that the issues are resolved.

Computerworld also says:

It should be pointed out, though, that Wood is no longer the independent security researcher that he was two days ago, since Starbucks has now brought him on as a security consultant, along with the standard nondisclosure agreement. Wood said it is, at this time, an unpaid role.

Stacy Johnson

It's not the usual blah, blah, blah

I know... every site you visit wants you to subscribe to their newsletter. But our news and advice is actually worth reading! For 25 years, I've been making people richer without making their eyes glaze over. You'll be glad you did. I guarantee it!

💰🗣📰

Read Next: How the Trump Tax Plan Will Affect You

Check Out Our Hottest Deals!

We're always adding new deals and coupons that'll save you big bucks. See the deals to the right and hundreds more in our Deals section.

Click here to explore 1,811 more deals!