Critical Analysis Of Starbucks

913 Words2 Pages

Starbucks is the largest coffee chain industry in the world. In 2014 alone, Starbucks processed 2 billion dollars in mobile payment transactions (Elizabeth, 2015). Starbucks mobile app allows customers to transfer balance from their bank accounts to their Starbucks accounts for future purchases. Several customers have had money stolen from their Starbucks mobile app by thieves using smart new attacks.
The hackers took advantage of three vulnerabilities related to the users and the mobile app. First, they took advantage of the customers who use the same username and password across different websites accounts. Some analysists believe that thieves bought usernames and passwords from the darknet to access Starbucks customers’ accounts. The fact …show more content…

They used this money to make purchases from the stores and to sell Starbucks gift cards.
Although many writers accused the company for its weak security measures, the company didn't accept fault for these hacks, and it did acknowledge the customer complaints basically by saying “it's your own fault for having weak passwords.” The good news, the company reimbursed the customers for the purchases that they didn’t make. Neither the number of the victims or the amount of the money stole were declared by the company.
A big responsibility lies on the customers to protect their accounts from getting stolen by thieves. A part of that is using strong and complex passwords and using different passwords for different accounts. But still, the company can play a significant role in helping the customer protect their accounts by requiring minimum criteria for the passwords. For example, the password shouldn’t match the username, it should include letters, numbers and special characters, and it should be at least eight characters. Also, using double authentication methods for processing the purchases would have protected the …show more content…

It shows the date, type, and location of the breach and the number of the records breached in some cases. Also, it provides links that take you to other sites that published about the breach, which was so helpful to see the whole picture of the story. The fact that I found about the Starbucks breach in only one repository is an indication that there is a big discrepancy between these repositories either in the mean of defining a breach or in collecting all the breaches that have happened. In my opinion, the “Privacy Rights Clearinghouse” is the easiest and the most organized in comparison with the other repositories. I think it is better if they linked the CVE ID numbers to the breaches, so the researchers can easily find the breaches on other sites.
These repositories can be so beneficial to the academic communities. Having these repositories can save the researcher so much time finding information about a breach and allow them to tie incidents, so they understand what lead to each breach. Furthermore, researchers can use these repositories to analyze and predict future

Open Document