Search
START TYPING AND PRESS ENTER TO SEARCH

Blog

Starbucks customers’ mobile accounts breached by thieves

Some Starbucks customers have had money siphoned out of their Starbucks mobile app by thieves using a clever new attack, but Starbucks itself hasn't been hacked, the company said Friday. It works like this: First, the thieves buy stolen passwords and IDs on the underground market. They then use an automated program to try the stolen combinations one after another on the Starbucks mobile app until one works, according to application security firm Checkmarx. This is what's called a "brute force" attack. These programs can "process" hundreds of ID-password combinations a second. If the user has it set the app up to automatically reload from their credit card or PayPal account, the thieves can immediately steal again as soon as the app has more money in it, according to application security firm Checkmarx. Read the full article here.
Facebook
Linkedin
Twitter
Youtube
Envelope
Facebook Linkedin Twitter Youtube Envelope

About the Author

Stephen Gates

Stephen Gates

Stephen Gates is an experienced writer, blogger, and published author who brings 15+ years of hands-on knowledge in information security to the Checkmarx team. Stephen is dedicated to conveying facts, figures, and information that brings awareness to the cybersecurity issues all organizations and consumers face. Aligning with Checkmarx mission of improving software security for all organizations, he is an advocate and promoter of their solutions worldwide.
See All Blogs >
Stephen Gates

Stephen Gates

Stephen Gates is an experienced writer, blogger, and published author who brings 15+ years of hands-on knowledge in information security to the Checkmarx team. Stephen is dedicated to conveying facts, figures, and information that brings awareness to the cybersecurity issues all organizations and consumers face. Aligning with Checkmarx mission of improving software security for all organizations, he is an advocate and promoter of their solutions worldwide.
See All Blogs >

About the Author

Never miss an update. Subscribe today!

By submitting my information to Checkmarx, I hereby consent to the terms and conditions found in the Checkmarx Privacy Policy and to
the processing of my personal data as described therein. By clicking submit below, you consent to allow Checkmarx
to store and process the personal information submitted above to provide you the content requested.

More Resources to Consider

Introducing AI Query Builder for SAST 
May 31, 2023
Ericsson Sensitive Data Exposure via Trace.axd 
May 25, 2023
Checkmarx Named a Leader in the 2023 Gartner® Magic Quadrant™ for Application Security Testing for the 6th Consecutive Year 
May 23, 2023
A new, stealthier type of Typosquatting attack spotted targeting NPM  
May 9, 2023
Checkmarx is constantly pushing the boundaries of Application Security Testing to make security seamless and simple for the world’s developers and security teams. As the AppSec testing leader, we deliver the unparalleled accuracy, coverage, visibility, and guidance our customers need to build tomorrow’s software securely and at speed.
ABOUT CHECKMARX
REQUEST A DEMO
CAREERS WITH US

Contact Us

Interested in learning more about our unified platform and services?
Get in touch with a member of our team.
Request a Demo
Learn More
Solutions
Industry
Solutions For
Services
Partners
Company
Resources
Community
Linkedin Twitter Youtube Facebook

Terms of Use | Checkmarx Privacy Policy | Checkmarx.com Cookie Policy

©2023 Checkmarx Ltd. All Rights Reserved. iISO/IEC 27001:2013 Certified

Skip to content