SEATTLE – Starbucks updated its app for iPhone Thursday after concerns arose that customer credit card and personal information might be at risk.
The Starbucks mobile app, that allows customers to pay for drinks and food directly from their smartphones, may be vulnerable to hacking, according to a Seattle Times report released Thursday.
The Times reported the app saves usernames, passwords and other personal information in plain text, which means a hacker could steal a phone, plug it into a laptop and easily recover the user info, without even knowing the smartphone's pin code.
Starbucks officials admitted the vulnerability, but said no customers have reported being hacked as a result.
Thursday evening Starbucks posted a statement on its website that said the company had updated the Starbucks mobile app for iOS. The update included new privacy protections, according to the statement and that further updates were pending.
The release read, in part:
Out of an abundance of caution, we are also working to accelerate the deployment of an update for the app that will add extra layers of protection. We expect this update to be ready soon and will share our progress here. While we are working on the update, we would like to emphasize that your information is protected and that you should continue to feel confident about the integrity of our iOS app.
There were no reports on whether Android users or other mobile platforms were vulnerable.