Starbucks has disclosed a data breach affecting 889 employees after attackers gained unauthorized access to Partner Central accounts, the internal HR and benefits platform. Discovered on February 6, the breach involved compromised credentials rather than a direct infrastructure attack. Exposed data includes Social Security numbers, dates of birth, and financial account details. Cybersecurity experts warn that such persistent identifiers retain value for years and can enable fraud and identity theft long after the incident. Starbucks is offering affected employees two years of credit monitoring, though experts note the risks extend beyond that window. The incident highlights the growing trend of credential-based attacks and the need to protect data itself, not just perimeter defenses.
Sort: