Starbucks Scare Overhyped?

A security hole in the Starbucks app discovered by security researcher Daniel Wood reportedly put nearly 10 million users at risk, but it now appears that initial reports on the vulnerability may have been blown out of proportion. While a fault in the app did allow a user to find an unencrypted copy of their Starbucks payment password in a locally stored archive, that archive was not accessible from unauthorized or remote users. In other words, to exploit the bug, a hacker would need physical possession of the device, rendering this particular vulnerability inert. Regardless, Starbucks has since posted a patched version of their app at Starbucks.com.

Leave A Comment...