GO
Loading...

Enter multiple symbols separated by commas

Starbucks updates app to avoid 'potential risk'

After security security experts said Starbucks' mobile payment app makes it easy for hackers to access customers' geological data and password information, the coffee chain updated its app with extra layers of protection with "additional performance enhancements and safeguards."

According to reports, the previous app version could allow them to make unauthorized purchases on the card.

In a statement sent to CNBC on Thursday MIlls said "we have released an updated version of Starbucks Mobile App for iOS which adds extra layers of protection."

This is an update to our original story. Here is an earlier version of the article before Starbucks updated the app:

Computerworld first reported the security hole Wednesday morning, citing security researcher Daniel Wood.

Jasper Juinen | Bloomberg | Getty Images

"There are multiple instances of the storage of clear-text credentials that can be recovered and leveraged for unauthorized usage of a user's account on the malicious user's own device or online at https://www.starbucks.com/account/signin," Wood said in a research note.

Starbucks said that though the report is "technically accurate ... unauthorized access to this information is safeguarded."

"Our customers' security is of the utmost importance to us, and we actively monitor for risks and vulnerabilities. While we are aware of this report, there is no known impact to our customers," said Starbucks spokesperson Linda Mills.

"To further mitigate our customers' potential risk from these theoretical vulnerabilities," she added, "Starbucks has taken additional steps to safeguard any sensitive information that might have been transmitted in this way."

—By CNBC.com

Updated January 17, 2014

Contact Cybersecurity

  • CNBC NEWSLETTERS

    Get the best of CNBC in your inbox

    Please choose a subscription

    Please enter a valid email address
    To learn more about how we use your information,
    please read our Privacy Policy.

Re/code

  • Co-CEO, Revere Digital; Co-Executive Editor, Re/code; and Co-Executive Producer, The Code Conference. Re/code is part of the CNBC network.

  • Co-CEO, Revere Digital; Co-Executive Editor, Re/code; and Co-Executive Producer, The Code Conference. Re/code is part of the CNBC network.

Re/code

  • Co-CEO, Revere Digital; Co-Executive Editor, Re/code; and Co-Executive Producer, The Code Conference. Re/code is part of the CNBC network.

  • Co-CEO, Revere Digital; Co-Executive Editor, Re/code; and Co-Executive Producer, The Code Conference. Re/code is part of the CNBC network.