Starbucks, who makes their coffee the same way I like my women – strong and bitter – has released an updated version of its iOS app in response to reports that the app was storing customers’ information in unencrypted format.
The vulnerabilities, first reported on a security mailing list by researcher Daniel Wood, affected the the company’s popular app, which allows users to participate in the company’s loyalty program, as well as purchase and use in-store credit.
The app reportedly saved customer information in a plain text file that was stored on the device.
While it’s not known for certain if the coffee brewer’s developers completely addressed the security issues that got so much attention in the news this week, version 2.62 of the app does list “additional performance enhancements and safeguards” as the update in the new version.
Researcher Wood claims he contacted Starbucks to report the flaw last November, and then he decided to go public with the issue after the company failed to address it.
While accessing the unencrypted information required physical access to a users device, and no reports of bad guys actually stealing the information have appeared, MacTrast can’t stress enough the advice to always use unique logins to your various online services.