Starbucks & PayPal Security Breach


If you frequent Starbucks often and make use of the mobile phone app, check your account and credit(s) in the wake of the aftermath following Starbucks’s security breach in June, 2015.

Some Starbucks card holders and mobile app users recently received a disturbing announcement that some users had their Starbucks accounts drained without using an account number.

In certain instances, Starbucks was able to credit accounts following fraudulent transactions. However, in some circumstances, users were required to act on their own and dispute charges directly with their banks and/or credit card companies.


This year has definitely been a bad one for cyber security and data breaches, especially for users using mobile applications. Payment giant, PayPal, also had their accounts hacked this month.  Researchers at Michigan-based Duo Labs identified a vulnerability in PayPal’s two-step security mechanism for mobile users — a mechanism similar to those used to protect some bank and e-mail accounts. Breaches of two-factor authentication – after users enter a username and password, a code is sent to the user’s cellphone to confirm their identity – are rare.

Lesson here: keep a close eye on your accounts maintained in your mobile phones. Second, immediately notify responsible companies of any suspicious activity, and third, change your passwords frequently. The Starbucks hack seems to be partly enabled by hackers recent intrusion into customers’ weak Starbucks account passwords to steal hundreds of dollars in minutes.  The PayPal hack is a sign of sophistication developing in hackers’ knowledge of available security measures.