Starbucks App and Cards Hacked
-
Starbucks says they weren't actually hacked though. They are blaming it on people using weak email and starbucks passwords (or using the same one.) etc.
-
@thecreativeone91 said:
Starbucks says they weren't actually hacked though. They are blaming it on people using weak email and starbucks passwords (or using the same one.) etc.
That's my understanding - it was users being hacked, not Starbucks themselves.
-
@thecreativeone91 said:
Starbucks says they weren't actually hacked though. They are blaming it on people using weak email and starbucks passwords (or using the same one.) etc.
Exactly - there is no hack here, only stupid users...
The only thing that might lay any blame on Starbucks is that SB allowed the same account to have probably 10's if not 1000's of attempts upon a single account without locking it, or making it slow enough that it's not worth the effort, and not blocking IPs that had many bad attempts on them at least for a limited time like 15 mins.
-
@Dashrender said:
Exactly - there is no hack here, only stupid users...
The only thing that might lay any blame on Starbucks is that SB allowed the same account to have probably 10's if not 1000's of attempts upon a single account without locking it, or making it slow enough that it's not worth the effort, and not blocking IPs that had many bad attempts on them at least for a limited time like 15 mins.
Most companies don't for some reason. Likely because they don't want all the end users complaining because they for some reason can't remember passwords and are too cheap to buy LastPass.
-
@thecreativeone91 said:
@Dashrender said:
Exactly - there is no hack here, only stupid users...
The only thing that might lay any blame on Starbucks is that SB allowed the same account to have probably 10's if not 1000's of attempts upon a single account without locking it, or making it slow enough that it's not worth the effort, and not blocking IPs that had many bad attempts on them at least for a limited time like 15 mins.
Most companies don't for some reason. Likely because they don't want all the end users complaining because they for some reason can't remember passwords and are too cheap to buy LastPass.
There is no business incentive for SB or someone like that to have extra security measures because it is the customers, not SB, that are at risk here and it is the customers who complain from having extra security. So implementing security here is likely a lose / lose for SB.
-
The bonus to this hack? I finally got my wife to create a random password for the account with LastPass. Now to convince her to do the same with our bank account........
-
I love lastPass.. I pay for the premium version for both lastPass and xMarks totally worth it. @scottalanmiller we should get Amber from LastPass over here.
-
Slowly but surely both our small business and residential clients are accepting LastPass.
-
This just in: the perpetrators were caught because they asked for 30,000 Birthday Cake Pops and 2,000 litres of espresso.
-
@thecreativeone91 said:
I love lastPass.. I pay for the premium version for both lastPass and xMarks totally worth it. @scottalanmiller we should get Amber from LastPass over here
Send her a note. That would be great.
-
I love LastPass.
I've been using Lastpass for so long, I do not even recall when I signed up.
I got my first iPhone in 2009 and that drove me to set the premium subscription.
I used it for a year or more before that.
-
Yeah I can't recall when I started using it either. At least 4 years, but probably more.
I've been talking to my boss about it for use in our office for years, but she says she doesn't trust the technology - i.e. passwords stored on the computer in general.
Recently she while she won't use it, I'm welcome to get others to try it. Of course we all know that without management buy in, software like this rarely takes off due to originating start up cost (time to learn it - sadly no password manager is truly easy to use, especially when websites don't conform).
That said I will be trying to make a better push.