Any time you link an app to your bank account or credit card, you better use a good password. That seems to be the takeaway from a recent spate of thefts suffered by people using the Starbucks app, which lets you pay for coffee using your smartphone.
As reported by journalist Bill Sullivan and CNN, victims noticed that their accounts had illicitly been used to buy Starbucks gift cards worth hundreds of dollars, which can then be sold on the black market.
RELATED: Starbucks To Pay College Tuition for Employees
An Orlando woman named Maria Nistri told Sullivan that someone accessed her Starbucks app account and changed the username and password. The thief used the existing $34 balance to buy a gift card, waited for the app’s “auto-fill” function to withdraw more money from her bank account, and then stole another $100 within a few minutes.
Jean Obando of Sugar Land, Texas had $550 stolen via his Starbucks app, which was linked to his PayPal account, he told CNN.
Starbucks’ gift cards and smartphone apps are hugely popular, and constitute their own currency of sorts. One in seven Americans received one of its gift cards last year, and users load billions of dollars onto them every year. The company’s smartphone app, which is also available for the Apple Watch, accounts for about one in every six transactions at its US outlets.
RELATED: Cost of Starbucks Delivery
The company was quick to dismiss any suggestion that its own systems had been hacked, and pointed the finger at users who chose insecure passwords to protect their accounts. It said in a statement:
Occasionally, Starbucks receives reports from customers of unauthorized activity on their online account. This is primarily caused when criminals obtain reused names and passwords from other sites and attempt to apply that information to Starbucks. To protect their security, customers are encouraged to use different user names and passwords for different sites, especially those that keep financial information.
In a separate incident in January, Starbucks came under fire for a security vulnerability that might allow app passwords to be stolen, but the company quickly issued an update that fixed the issue.
Now, we want to hear from you! Would like to share your opinion or make a comment on the Unlock Your Wealth Radio Show? If so, then please leave your comment or questions in the space provided below and share this article with your friends and family on Facebook and Twitter. Your comments or question could be chosen as our featured Money Question Monday and a phone call by financial expert Heather Wagenhals could dial your way to be live on the Unlock Your Wealth Radio Show.