Slashdot Mirror

← Back to Stories (view on slashdot.org)

Starbucks Phone App Stores Password Unencrypted

Posted by timothy on from the don't-spend-it-all-in-one-place dept.

JThaddeus writes "The Daily Caller reports a serious security flaw in the Starbucks phone app: 'Starbucks confirmed late Tuesday that anyone could access the unencrypted data stored on the official Starbucks app simply by connecting the phone to a computer – bypassing lock screen or PIN security features with no hacking or jailbreaking necessary.' The linked report is for iOS. No mention of Android, but do you think it is any different?" (Starbucks says they've addressed the problem.)

1 of 137 comments (clear)

  1. When will companies be held liable? by Anonymous Coward · · Score: 5, Interesting

    When will companies be held liable for implementing incompetent security (or not implementing it all)?

    The marketing weenies are all over getting the brand out, but don't give a shit about security.

    Companies should be getting fined for crap like this. Between data beaches and gross incompetence at any form of security, trusting a marketing app is the height of stupid.