retail news in context, analysis with attitude

Starbucks is under fire this week because of what seems to be a lack of security measures embedded in its iPhone application.

According to various stories, the Starbucks app stores user names, email addresses, passwords and geographic data in what is called "cleartext" - if you plugged someone's iPhone into your computer, you could access that info fairly easily. Which, especially at a time when a data breach at Target is making major headlines, seems fairly risky.

Starbucks has promised to engineer an update that will fix the problem and create greater security, while saying that it has no evidence of any customers actually being affected by the vulnerability.
KC's View:
I can tell you that this update appears to have come through this morning, which probably is a good thing, since the Starbucks app is one of the most oft-used on my iPhone.

I'm not overly worried about this security problem, though I'm a little surprised that any company would be quite so lax in protecting personal information. I don't think that this is a mistake that many retailers would want to repeat.