Starbucks has confirmed that customers in Singapore have been impacted by a data leak that exposed personal data such as names, birthdates, and mobile numbers. Starbucks stated that credit card details and passwords were not affected, however, it urged its customers in Singapore to change their passwords. The coffee chain released an email notification to those affected on Friday stating that it had detected unauthorized activity during which an individual accessed customer details. In addition to the previously mentioned data, some users’ residential addresses were also exposed.
Fortunately, details related to Rewards customer loyalty was also unaffected. Starbucks does not store credit card information, meaning that these details were not compromised. Starbucks stated that it had been in contact with local authorities, who were assisting them in investigating the data leak. Sources state that the hacker who accessed the data has already been peddling it on online forums located on the dark web specifically for trading stolen information. The hacker allegedly posted to a dark web site on September 10 claiming to be selling Starbucks Singapore customer data. The hacker claimed to have more than 553,000 records.
Read More: Starbucks Singapore says customer data illegally accessed in data leak
