Are Thieves Hacking the Starbucks App?

»Want more news? Subscribe to the Edgewater Patch email newsletter.

By Charlene Arsenault and Deb Belt

While several media outlets this week reported that a popular Starbucks app had been hacked, the coffee chain is flatly denying this has happened.

CNNMoney reported that Starbucks had acknowledged that thieves are now breaking into customers reward accounts by using the Starbucks mobile app.

But Starbucks issued a statement that “news reports that the Starbucks mobile app has been hacked are false.”

“Like all major retailers, the company has safeguards in place to constantly monitor for fraudulent activity and works closely with financial institutions,” said the announcement. “To protect the integrity of these security measures, Starbucks will not disclose specific details but can assure customers their security is incredibly important and all concerns related to customer security are taken seriously.”

Starbucks locations in Edgewater include 3059 Solomons Island Road, and inside the Safeway stores at 5 Mayo Road and 2644 Chapel Lake Drive.

CNNMoney said that the supposed hack was first reported by Bob Sullivan,a consumer journalist, on May 11.

With a Starbucks app, you can pay at the register with your smartphone and add gift card funds through your bank, PayPal or credit card.

Criminals have figured out how to get into the victim’s Starbucks account online and add a gift card, said CNNMoney and Bob Sullivan, which then allows them to transfer funds from the victim’s various accounts.

Several victims told CNNMoney they became aware of the fraud when they received email confirmations that money was reloaded to their Starbucks accounts. One customer said a thief got $115 in just a few seconds right from a bank account.

Cybersecurity firms say Starbucks could, and should, add authentication processes that ensure more security.

“Occasionally, Starbucks receives reports from customers of unauthorized activity on their online account,” added the company in a statement. “This is primarily caused when criminals obtain reused names and passwords from other sites and attempt to apply that information to Starbucks. To protect their security, customers are encouraged to use different user names and passwords for different sites, especially those that keep financial information.”

Starbucks offered several tips to ensure security.