starbucksapp
Starbucks has released an update to its iOS app that safeguards customer's personal information stored on the phone. An earlier version of the app saved sensitive information, such as usernames, passwords and location data, in a clear text format. Potential criminals who obtained physical access to a customer's iPhone could download these details with minimal effort.

As announced by Starbucks chief information officer Curt Garner, an updated version of the Starbucks mobile app is available now in the iOS App Store. Though the safeguard measures were not detailed, Garner did confirm that the changes made to app provide "extra layers of protection" for consumers.

As promised, we have released an updated version of Starbucks Mobile App for iOS which adds extra layers of protection. We encourage customers to download the update as an additional safeguard measure.

A followup inquiry by The Verge clarified that the app no longer stores personal data in clear text format. Garner encouraged all Starbucks customers to download the latest version of the company's app.

Version 2.6.2 of Starbucks for the iPhone is available for download from the iOS App Store. [Direct Link]

Update: The App Store appears to now be offering the previous 2.6.1 version of Starbucks. It is unclear why the new version has been pulled from the App Store.

Update 2: The new version 2.6.2 has returned to the App Store.

Top Rated Comments

pdgill Avatar
93 months ago
Seems so fishy to me

So most likely from the moment the app took usernames and passwords it has stored them in plain text. And now once it became public knowledge it only takes a week or less for an update?

Kind of a dick move for Starbucks to only care about our security once they get caught. Typical, probably. But still dick.
Score: 7 Votes (Like | Disagree)
kdarling Avatar
93 months ago
Wait. How is it even possible that a development team that would store passwords in plaintext get hired in the first place, much less by a huge company like Starbucks? This blows my mind as a web developer. :confused:
In this case, the data was being stored as part of an optional Crashlytics clear text crash log file used for debugging.

This is why I dislike ever using someone else's add-on tools. Only trust code you write yourself, or at least vet all the output of the third party tools you're using.
Score: 4 Votes (Like | Disagree)
CBJammin103 Avatar
93 months ago
Wait. How is it even possible that a development team that would store passwords in plaintext get hired in the first place, much less by a huge company like Starbucks? This blows my mind as a web developer. :confused:

Here we are talking about agencies and black hats breaking into computers with hardware backdoors / secret zero day exploits / man-on-the-side attacks and there are still people storing passwords in plaintext on the device. Which means that they were probably storing them in plaintext on their servers too.
Score: 4 Votes (Like | Disagree)
iLondoner Avatar
93 months ago
App store says 2.6.2 for me.

Didn't exactly fear any outbreaks of world domination and no coffee got stolen in the meantime.
Score: 4 Votes (Like | Disagree)
seamer Avatar
93 months ago
How did this get passed Apple's review process?
Score: 2 Votes (Like | Disagree)
iMarc845 Avatar
93 months ago
Request to MacRumors: Date- and Time-Stamp On Updates

Attention MacRumors Staff:

This article has two updates on it. Here's a request: PLEASE provide a Date- and Time-Stamp on your article updates.

It is useful to know, for instance, how much time elapsed between when the App update to 2.6.2 was "pulled" and when it re-appeared.

Thank you!
Score: 2 Votes (Like | Disagree)

Top Stories

apple transfer google photos 1

Apple Launches Service for Transferring iCloud Photos and Videos to Google Photos

Wednesday March 3, 2021 12:04 pm PST by
Apple this week introduced a new service that's designed to make it quick and easy for iCloud users to transfer their stored photos and videos to Google Photos. As outlined in an Apple support document, you can go to Apple's privacy website and sign in to see the "Transfer a copy of your data" option. If you select this and go through all the steps, Apple will transfer your iCloud photos and ...
rosetta 2

Rosetta May Be Removed From M1 Macs in Some Regions on macOS 11.3

Tuesday March 2, 2021 5:20 pm PST by
Installing the upcoming macOS 11.3 software update on an M1 Mac may result in Rosetta 2 being removed in one or more regions around the world. In the third beta of macOS 11.3 seeded to developers for testing today, MacRumors contributor Steve Moser uncovered new strings in the beta's code indicating that "Rosetta will be removed upon installing this update." Another new string reads "Rosetta ...
Screen Shot 2021 03 03 at 11

MagSafe Charging Port for iPhone Appears in Apple Patent

Wednesday March 3, 2021 1:30 am PST by
In a newly granted patent, Apple envisions a type of connectivity port using an iteration of its magnetic MagSafe charger to charge an iPhone, potentially paving the way for a future without Lightning. Submitted to the United States Patent and Trademark Office on Tuesday (via Patently Apple), the patent outlines a three-pinned MagSafe charger, similar to the ones found in older MacBook...
Oled iPads and MackBook Pro

OLED 10.9-Inch iPad Rumored for Early 2022, 12.9-Inch iPad Pro and 16-Inch MacBook Pro Could Follow

Thursday March 4, 2021 8:37 pm PST by
Earlier today, DigiTimes shared a preview of an upcoming report claiming that Apple is working on both iPad and Mac notebook models with OLED displays that could launch starting in 2022. The full report from DigiTimes is now available, and it includes several new alleged details about Apple's plans. According to the report, the first of these devices to adopt an OLED display is likely to be...
OLED iPad Pro and MacBook Pro

iPad and MacBook Models With OLED Displays Rumored to Launch in 2022

Thursday March 4, 2021 8:19 am PST by
Apple plans to release new iPad and MacBook models with OLED displays in 2022, according to industry sources cited by Taiwanese supply chain publication DigiTimes. The information was shared in the site's paywalled "Before Going to Press" section, so there are no further details yet, but the full report should be released by tomorrow. Apple has gradually increased its adoption of OLED...
iPad mini pro feature

Sketchy Rumor Claims 'iPad Mini Pro' Launching in Second Half of 2021

Wednesday March 3, 2021 3:04 am PST by
Apple is expected to launch a sixth-generation iPad mini in the first half of 2021, possibly as soon as this March, based on long-standing rumors. However, a new rumor out of Asia that has gained traction in the last 24 hours suggests an "iPad mini Pro" will arrive in the second half of this year. According to a post on Korean blog Naver, whose rumor track record is unknown, the device...
maxresdefault

What's on Your iPhone Home Screen?

Thursday March 4, 2021 10:31 am PST by
Over on our YouTube channel, MacRumors videographer Dan has a new video up where he shares his Home Screen, wallpaper, and all of his current favorite widgets. Subscribe to the MacRumors YouTube channel for more videos. Check out Dan's video to see his setup, and then comment below and show us your own Home Screens. It's always fun to see other peoples' Home Screens, and with widgets and...
apple pencil 3 leak

New Apple Pencil Allegedly Leaks With Glossy Finish and Redesigned Tip

Wednesday March 3, 2021 6:17 am PST by
Images supposedly depicting a third-generation Apple Pencil have been shared on Twitter by the leaker known as "Mr. White." The purported new Apple Pencil appears to share a very similar design to the current, second-generation Apple Pencil, which is shorter than the previous version and charges inductively on the side of an iPad. The updated Apple Pencil appears to have a glossy...
apple watch ecg wrist

Apple Watch ECG Feature Gets Approved in Australia

Wednesday March 3, 2021 2:07 am PST by
The Australian government has approved ECG functionality on the Apple Watch, giving Apple the all-clear to launch the feature for Apple Watch users in the country, according to a regulatory document first spotted by The 8-Bit. Earlier last month, the Apple Watch's irregular heart rhythm notification received approval in Australia, although ECG did not. Irregular heart rhythm is a feature...
PIA23764 RoverNamePlateonMars web

NASA Mars Perseverance Rover Uses Same PowerPC Chipset Found in 1998 G3 iMac

Tuesday March 2, 2021 3:21 am PST by
NASA's Perseverance rover, which recently made history landing on the surface of Mars, is powered by the same processor used in an iMac more than 23 years old. Image Credit: NASA As reported by NewScientist (via Gizmodo), the rover includes the PowerPC 750 processor, the same chip used in the G3 iMac in 1998. The main chipset is the same; however, there are differences between the...