security alert

Starbucks App Passwords Are Vulnerable to Hacks In Case You Really Need a Mocha

Don't you dare touch our free drink reward.

It's not even updated for iOS 7. (Photo: Starbucks)

It’s not even updated for iOS 7. (Photo: Starbucks)

When it’s not offering you downloads of Snow Patrol, the Starbucks app is busy being vulnerable to hackers. A flaw was recently discovered by researchers that showed people’s passwords and usernames aren’t properly secured in the iOS app.

The information can be obtained when your phone is connected to a computer, Computer World reported on Tuesday. So, a stranger can take a person’s iPhone, connect it to a laptop and access a “treasure trove of security and privacy gems.” Or they could just buy a cup of coffee.

Daniel Wood, the researcher who found the problem, said hackers can steal more than your “Free App of the Week” download:

“The application is storing the users’ information — everything from your full name to your address to your username and password as well as your email address,” said Mr. Wood to CNN Money.

If you weren’t panicking before, he added that your Starbucks account can also be drained.

A company spokesman confirmed to CNN Money today that the possibility of your information being exploited is “very far fetched” and it’s always monitoring the safety of its customers information. Starbucks was alerted to the problem in November, but is only now doing something to repair it. An update that adds “extra layers of protection” will be released soon, Starbucks says.

Good, because didn’t want to use cash like those plebes over at Dunkin’ Donuts.

Follow Jordan Valinsky on Twitter or via RSS. jvalinsky@observer.com