Starbucks Singapore notifies members of its Rewards loyalty programme that personal information, including phone numbers, addresses, and birthdays has been illegally accessed in a data leak.
What Data Leaked?
According to ZDNET, on September 10th, a group of hackers claimed it has gained access to Starbucks Singapore’s Rewards database, containing more than 553.000 records. To prove this, they have offered a sample dump on an online forum specialized in trading stolen databases.
On Friday (September 16th), the US F&B chain informed its customers that it had discovered unauthorized online activity and access to customer details. The customers’ names, dates of birth, phone numbers, and addresses were among the personal information that the hackers were able to obtain.
Starbucks Store in Singapore (Source: facebook.com/StarbucksSingapore)
However, credits and stored value for Starbucks’ Reward customer loyalty program have not been impacted. Financial information such as credit card data have also not been compromised as, according to Starbucks, they do not store such information.
Investigations Are Undergoing
According to Starbucks, the local authorities had been alerted and were now assisting them in relation to the security incident.
We would like to reinforce that Starbucks will not request any personal or membership information, nor will we send any URL links for such requests. Please remain vigilant and do not share details if you receive such notifications
Starbucks stated in the notification email that it has added new safeguards to protect consumer information.
ZDNET has approached the retailer to learn more about the issue, including the number of consumers who were impacted, the systems that were compromised, and when the breach was detected.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, Youtube, and Instagram for more cybersecurity news and topics.