Starbucks (SBUX) customers are being targeted by hackers getting access to their credit cards through the coffee chain’s mobile payments and gift cards, the company confirmed Wednesday.
Starbucks has received reports of the type of theft described by consumer advocate Bob Sullivan, spokeswoman Maggie Jantzen told CBS MoneyWatch. She declined to quantify how many customers might be impacted.
The thieves are taking advantage of the auto-reload function that many consumers use with Starbucks cards and the chain’s mobile app, Sullivan said. That allows money, in relatively small increments, to be taken quickly.
Sullivan reported hackers are able to get control of accounts by changing email addresses associated with them, draining the funds and doing so again each time the money gets replenished.
He recommends that those with Starbucks gift cards or those who use their mobile payments disable the auto-reload function.
This isn’t the first time Starbucks users have been targeted for such thievery. In 2013, a victim who had $1,700 drained from her bank accountexplained how the small increments involved in auto-reload allow the fraudulent transactions to go under the radar, even when they follow in rapid succession.
Starbucks recommends customers take precautionary steps including using unique user names, changing passwords frequently and monitoring account activity. Those who spot suspicious activity in their accounts should to contact the company’s customer service line immediately.
Jantzen emphasized that the company’s app had not been hacked.