Credit card hackers may be targeting Starbucks gift and loyalty card users to steal cash automatically loaded onto their accounts, according to a report Monday.
Bob Sullivan, an independent journalist who describes himself as a “tech skeptic” on the website BobSullivan.net, said hackers are taking advantage of the auto-reload function that adds cash to MyStarbucksRewards cards linked to customer credit cards.
Maggie Jantzen, a spokeswoman for Starbucks Corp., said there is no data breach that the company is aware of, and the Seattle-based coffeehouse operator could not quantify such incidents, or whether they were on the rise.
Starbucks takes its obligation to protect customers seriously, and is constantly monitoring for fraudulent activity, Jantzen said.
Safeguards are in place — although the company could not offer details — and Starbucks works with customers and their financial institutions to make sure money is refunded when fraud occurs.
Customers can also take precautions, Jantzen said.
“We work with customers on best practices, like using unique usernames and passwords and changing those passwords routinely,” she said.
How hackers were able to access usernames and passwords is unclear, but Sullivan cited the example of an Orlando, Fla., woman, Maria Nistri, who said about $34.77 loaded onto her card was stolen initially.
When her balance hit zero, the card was automatically reloaded with another $25, which was also stolen. Then the hackers apparently changed the reload amount to $75 and took that too, all within minutes.
Nistri, meanwhile, was notified that her password had been changed and immediately contacted Starbucks. Jantzen said the company worked with her to correct the problem.
Sullivan’s report, however, indicated that Nistri was forced to dispute the $100 in reload charges with her credit card company.
Sullivan cited other reports across the Internet of customers finding unauthorized charges on their cards. He recommended that all Starbucks card users disable the reload function.
Jantzen said that is an option, but not necessary if customers monitor their accounts.
Digital security is a growing concern across the industry, as restaurant operators adopt mobile payment technologies.
Starbucks has more than 10 million My Starbucks Rewards members, and customers loaded $1.1 billion onto Starbucks cards during the second quarter ended March 29 alone, a 19-percent increase over the prior year.
More than 16 million customers are active users of Starbucks apps, including one that allows customers to pay via smartphone in units. The company processes more than 8 million mobile payment transactions per week.
Later this year, Starbucks is adding an order-and-pay-ahead feature that will allow customers to skip the lines at its locations.
Contact Lisa Jennings at [email protected].
Follow her on Twitter: @livetodineout