Starbucks Singapore says customer database breached, 200,000 people’s information stolen
- The coffee chain franchise, owned by a Hong Kong-based company, discovered ‘some unauthorised access’ to names, numbers, addresses, gender and dates of birth
- Local media said one copy of the database had already been sold for US$2,500, while Starbucks said no credit card details were taken as it does not store them
Starbucks Singapore said on Friday that its customer database was breached online, with local media reporting that 200,000 people’s information was stolen.
The coffee chain – a licensed Starbucks franchise owned by Hong Kong-based Maxim’s Caterers – said in an email to customers that it had “discovered … some unauthorised access” to details such as names, gender, dates of birth, phone numbers and home addresses.
“Relevant authorities have been informed and Starbucks Singapore is assisting them on this matter,” said the email.
The company said it was made aware of the breach on September 13, and that no credit card details were taken as it does not store them. It urged customers to reset their passwords.
A public relations agency representing Starbucks Singapore said it was “unable to disclose the number of affected customers”.
The Straits Times said 200,000 customers’ data was stolen and put on sale in an online forum on September 10. One copy of the database had already been sold for S$3,500 (US$2,500), the newspaper added.
The city state’s Personal Data Protection Commission said it had been notified about the incident and has reached out to Starbucks Singapore for more information.