Starbucks Discloses Data Breach Impacting Hundreds of Employees
Starbucks recently confirmed a data breach affecting 889 employees after threat actors gained unauthorized access to their Starbucks Partner Central accounts, which store sensitive employment and personal information. The incident was discovered on February 6, 2026, following an investigation that revealed attackers had compromised accounts between January 19 and February 11.
The breach exposed employees' names, Social Security numbers, dates of birth, and financial account details, including routing numbers. According to Starbucks, the attackers obtained login credentials through fraudulent websites impersonating Partner Central. The company took five days to revoke access after detecting the intrusion.
In response, Starbucks notified law enforcement, enhanced security controls for Partner Central accounts, and offered affected employees two years of free identity theft protection and credit monitoring via Experian IdentityWorks. The company also advised impacted individuals to monitor their bank accounts for suspicious activity.
This incident follows previous breaches, including a 2022 attack on Starbucks Singapore that exposed over 219,000 customers due to a third-party vendor compromise, and a 2024 ransomware attack on supply chain provider Blue Yonder, which disrupted Starbucks' operations.
Starbucks cybersecurity rating report: https://www.rankiteo.com/company/starbucks
"id": "STA1773390498",
"linkid": "starbucks",
"type": "Breach",
"date": "2/2026",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'customers_affected': '889 employees',
'industry': 'Food & Beverage',
'location': 'Global (primarily U.S.)',
'name': 'Starbucks',
'size': 'Large',
'type': 'Corporation'}],
'attack_vector': 'Fraudulent websites impersonating Partner Central',
'customer_advisories': 'Advised affected employees to monitor bank accounts '
'for suspicious activity',
'data_breach': {'number_of_records_exposed': '889',
'personally_identifiable_information': 'Names, Social '
'Security numbers, '
'dates of birth, '
'financial account '
'details',
'sensitivity_of_data': 'High (PII, financial details)',
'type_of_data_compromised': 'Personal and financial '
'information'},
'date_detected': '2026-02-06',
'description': 'Starbucks confirmed a data breach affecting 889 employees '
'after threat actors gained unauthorized access to their '
'Starbucks Partner Central accounts, which store sensitive '
'employment and personal information. The breach exposed '
'names, Social Security numbers, dates of birth, and financial '
'account details.',
'impact': {'data_compromised': 'Names, Social Security numbers, dates of '
'birth, financial account details (routing '
'numbers)',
'identity_theft_risk': 'High',
'payment_information_risk': 'High',
'systems_affected': 'Starbucks Partner Central'},
'initial_access_broker': {'entry_point': 'Fraudulent websites impersonating '
'Partner Central',
'high_value_targets': 'Starbucks Partner Central '
'accounts',
'reconnaissance_period': 'January 19 - February 11, '
'2026'},
'investigation_status': 'Completed (initial investigation)',
'post_incident_analysis': {'corrective_actions': 'Enhanced security controls '
'for Partner Central '
'accounts',
'root_causes': 'Compromised login credentials via '
'fraudulent websites'},
'references': [{'source': 'Starbucks Disclosure'}],
'response': {'communication_strategy': 'Advisories to affected employees to '
'monitor bank accounts',
'containment_measures': 'Revoked access to compromised accounts '
'(took 5 days after detection)',
'law_enforcement_notified': 'Yes',
'remediation_measures': 'Enhanced security controls for Partner '
'Central accounts',
'third_party_assistance': 'Experian IdentityWorks (identity '
'theft protection and credit '
'monitoring)'},
'title': 'Starbucks Data Breach Impacting Hundreds of Employees',
'type': 'Data Breach',
'vulnerability_exploited': 'Compromised login credentials'}