Starbucks Employee Data Breach

Starbucks, a globally renowned coffee chain, has officially disclosed a data breach incident involving the personal information of its employees. The company states that this breach was identified on February 6.

The breach occurred through unauthorized access to the Partner Central accounts, which is the company’s employee portal used by Starbucks staff referred to as “partners.” Partner Central is an online portal used by employees to manage their personal information, payroll details, and employee benefits. Starbucks confirms that their internal systems or network were not directly hacked. Instead, attackers used a phishing attack by creating fake websites resembling the Partner Central portal to steal employees’ login credentials. According to notifications sent to affected employees, unauthorized parties may have accessed sensitive information such as names, Social Security numbers, dates of birth, and bank account details (including financial account numbers and routing numbers).

According to the data breach notification filed with the Maine Attorney General’s Office, approximately 900 employees were affected by this incident. It is reported that Starbucks employs over 200,000 workers across the United States. Investigations revealed that the unauthorized access occurred between January 19 and February 11. Starbucks has informed law enforcement authorities about the incident and has taken steps to provide free identity protection services to the impacted employees. Cybersecurity experts emphasize that phishing attacks remain a leading cause of data breaches worldwide, and stealing login credentials through fake websites poses a significant risk even to large corporations.