Everything About the Leak of 330K S’pore Starbucks Customers’ Data That Are Sold for $3,500


If you’re a user of the Starbucks app or online store, you might want to check if you’ve received an email from Starbucks.

They’ve reached out to 330,000 Singaporean Starbucks customers after their data has been breached and put up for sale.

Affected Customers Notified 

If you’re one of the 330,000 customers, Starbucks would have emailed you on 16 September.

In the email, they said that a data breach had compromised customers’ personal information, including their names, home and email addresses.

However, credit card data has not been compromised, since Starbucks did not store that data. Data on its customer loyalty programme, such as your stored values, rewards and credits, are unaffected too.

A spokesperson stated that they have immediately taken “reasonable steps” to protect customer information. They’re also fully cooperating with the authorities in investigations, which has been confirmed by the Personal Data Protection Commission.

Data Sold on Online Forum

So far, one copy of the users’ data has already been sold on the online forum BreachForums’ marketplace at $3,500.

There are still four more copies being listed on the site.

Image: BreachForums

In fact, this was categorised under the ‘Verified Leaks Market‘, which means that staff of BreachForums had received enough evidence to determine that this is the real deal, even before Starbucks had responded.

There are a lot of other databases being sold there, such as information on teachers from the Republic of Uganda, and even police databases from Shanghai.

Starbucks Singapore was only aware of the data breach on 13 September. Though they didn’t reveal more details, there are two main ways their data got breached.

The first way is through data scraping, where scripts and tools are used by hackers to collect data.

Alternatively, there’s a more straightforward way: perhaps Starbucks Singapore simply did not secure their data properly.

Join our Telegram channel for more entertaining and informative articles at https://t.me/goodyfeedsg or download the Goody Feed app here: https://goodyfeed.com/app/ 

What Should I Do If My Data Was Compromised? 

Affected customers should be extra-vigilant in the next few weeks.

They should be on the lookout for scams or phishing attempts, and be careful about anything received from strangers or organisations. This is especially since scammers could use your personal information to seem trustworthy and ask for one-time passwords.

Additionally, this information could also be used to access other services too, so be on the lookout for any unauthorised logins.


Read Also:

Featured Image: BreachForums