Starbucks App and Cards Hacked

handsofqwerty

@scottalanmiller said:

@handsofqwerty said:

@Dashrender said:

@handsofqwerty said:

@Dashrender said:

@handsofqwerty said:

Starbucks Hacked - Maybe Not Such a Great Economic Indicator?
http://blogs.wsj.com/economics/2010/06/30/using-starbucks-dunkin-donuts-to-track-economy/

Actually I might say the exact opposite. When businesses that rely on discretionary funds are doing will, that probably means the economy is doing well too because people have extra discretionary funds to spend.

That's exactly what I said. The point was if they were hacked, the numbers are possibly skewed.

Probably not enough to make a real difference in the overall picture though.

That's a fair statement. Even if they stole millions, we're talking about billions of dollars for Starbucks, so you're probably right.

I thought that they stole from customers, not Starbucks?

No they did. But my point is that if they steal from customers, that's going to hurt Starbucks too, because people report the fraud, and then stop going there because they don't trust it, tell others the same, etc.

MattSpeller

Oh no! Whatever will I do!

Yeah never mind

JaredBusch

@MattSpeller said:

Oh no! Whatever will I do!
Yeah never mind

Yeah, that is my normal process too. But I do enjoy something different about once a week or so.

A Former User

Starbucks says they weren't actually hacked though. They are blaming it on people using weak email and starbucks passwords (or using the same one.) etc.

scottalanmiller

@thecreativeone91 said:

Starbucks says they weren't actually hacked though. They are blaming it on people using weak email and starbucks passwords (or using the same one.) etc.

That's my understanding - it was users being hacked, not Starbucks themselves.

Dashrender

@thecreativeone91 said:

Starbucks says they weren't actually hacked though. They are blaming it on people using weak email and starbucks passwords (or using the same one.) etc.

Exactly - there is no hack here, only stupid users...

The only thing that might lay any blame on Starbucks is that SB allowed the same account to have probably 10's if not 1000's of attempts upon a single account without locking it, or making it slow enough that it's not worth the effort, and not blocking IPs that had many bad attempts on them at least for a limited time like 15 mins.

A Former User

@Dashrender said:

Exactly - there is no hack here, only stupid users...

The only thing that might lay any blame on Starbucks is that SB allowed the same account to have probably 10's if not 1000's of attempts upon a single account without locking it, or making it slow enough that it's not worth the effort, and not blocking IPs that had many bad attempts on them at least for a limited time like 15 mins.

Most companies don't for some reason. Likely because they don't want all the end users complaining because they for some reason can't remember passwords and are too cheap to buy LastPass.

scottalanmiller

@thecreativeone91 said:

@Dashrender said:

Exactly - there is no hack here, only stupid users...

The only thing that might lay any blame on Starbucks is that SB allowed the same account to have probably 10's if not 1000's of attempts upon a single account without locking it, or making it slow enough that it's not worth the effort, and not blocking IPs that had many bad attempts on them at least for a limited time like 15 mins.

Most companies don't for some reason. Likely because they don't want all the end users complaining because they for some reason can't remember passwords and are too cheap to buy LastPass.

There is no business incentive for SB or someone like that to have extra security measures because it is the customers, not SB, that are at risk here and it is the customers who complain from having extra security. So implementing security here is likely a lose / lose for SB.

JaredBusch

The bonus to this hack? I finally got my wife to create a random password for the account with LastPass. Now to convince her to do the same with our bank account........

A Former User

I love lastPass.. I pay for the premium version for both lastPass and xMarks totally worth it. @scottalanmiller we should get Amber from LastPass over here.

technobabble

Slowly but surely both our small business and residential clients are accepting LastPass.

tonyshowoff

This just in: the perpetrators were caught because they asked for 30,000 Birthday Cake Pops and 2,000 litres of espresso.

scottalanmiller

@thecreativeone91 said:

I love lastPass.. I pay for the premium version for both lastPass and xMarks totally worth it. @scottalanmiller we should get Amber from LastPass over here

Send her a note. That would be great.

JaredBusch

I love LastPass.

I've been using Lastpass for so long, I do not even recall when I signed up.

I got my first iPhone in 2009 and that drove me to set the premium subscription.

I used it for a year or more before that.

Dashrender

Yeah I can't recall when I started using it either. At least 4 years, but probably more.

I've been talking to my boss about it for use in our office for years, but she says she doesn't trust the technology - i.e. passwords stored on the computer in general.

Recently she while she won't use it, I'm welcome to get others to try it. Of course we all know that without management buy in, software like this rarely takes off due to originating start up cost (time to learn it - sadly no password manager is truly easy to use, especially when websites don't conform).

That said I will be trying to make a better push.