The Latest in IT Security

Starbucks Is the Latest Company to Not Care About Password Security

17
Jan
2014

It was revealed today that the iOS app for coffee chain Starbucks has some lax security standards. According to Computerworld, Starbucks executives confirmed on Tuesday that the app stores usernames and passwords in unencrypted plaintext, making it relatively easy for someone else to get ahold of those login credentials. Two company executives told Computerworld that the vulnerability—which also includes geolocation data—was not news to them, and that they had known since last November. For one thing, a hacker would need physical access to the phone in order to access the logs that store login credentials, and being able to access a Starbucks account would pretty much limit them to refilling any Starbucks gift card tied to the account—financial death by a thousand lattes.

Related posts:
  1. Starbucks pledges to change iOS app to keep user passwords secure
  2. Starbucks admits its iPhone app stores unencrypted user passwords
  3. Starbucks app stores log-in credentials, location info in plain text
  4. Starbucks will update iOS app to more securely store user passwords
  5. Starbucks builds a better paper cup for tea drinkers

Tags:  
Written by Yahoo
0 Comments
Comments are closed.

Categories

FRIDAY, APRIL 19, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments