It was revealed today that the iOS app for coffee chain Starbucks has some lax security standards. According to Computerworld, Starbucks executives confirmed on Tuesday that the app stores usernames and passwords in unencrypted plaintext, making it relatively easy for someone else to get ahold of those login credentials. Two company executives told Computerworld that the vulnerability—which also includes geolocation data—was not news to them, and that they had known since last November. For one thing, a hacker would need physical access to the phone in order to access the logs that store login credentials, and being able to access a Starbucks account would pretty much limit them to refilling any Starbucks gift card tied to the account—financial death by a thousand lattes.