According to ZDNET, personal data of customers in Singapore has illegally been accessed in a data leak.
The US F&B chain sent email messages to its customers, notifying them about the cyberattack. It was revealed that the leaked data includes names, birthdates, and mobile numbers, however, credit card details and passwords have not yet been leaked. The company said it had detected unauthorized activity online as well as unauthorized access to customer details. During this period, it is advised that customers should change their passwords.
On 10th September, the hackers claimed access to Starbucks Singapore’s full database containing more than 553,000 records and offered a sample dump.
A spokesperson from Starbucks emphasized the cyberattack to ZDNET. In an email response, she revealed that the company discovered the breach on Tuesday, 13th September 2022. She added that the breach could’ve affected customers who had registered an e-commerce account and completed a transaction via the Starbucks in-app delivery or online services.
The customers were notified about the breach through an email message from the company.
Furthermore, the spokesperson said that Starbucks has safeguards in place to constantly monitor fraudulent activities. “The security of our customers’ information is critically important. They will continue to be protected,” Starbucks spokesperson added. However, she did not reveal how many customers the data breach had affected.
Additionally, Starbucks said that data such as stored value and credits for its Rewards Customer Loyalty Programme were unaffected. According to Starbucks, credit cards could not be compromised as it doesn’t store such information.
While Starbucks is implementing additional security measures, ZDNET said that the hackers are yet to leverage online forums to trade the databases.
Recently, it was reported that Samsung experienced a data breach. Samsung disclosed that it discovered the breach in August.
The company said that hackers were able to access information such as names, date of birth, contact, demographic information and product registration details.
However, Samsung said the cyberattack did not affect Social Security numbers and credit cards or debit cards.
