You thought the news about banking was bad. Well, it's not just the banking apps...
The Starbucks mobile app, the most used mobile-payment app in the U.S., has been storing usernames, email addresses and passwords in clear text, Starbucks executives confirmed late on Tuesday (Jan. 14). The credentials were stored in such a way that anyone with access to the phone can see the passwords and usernames by connecting the phone to a PC. No jailbreaking of the phone is necessary. And that clear text also displays an extensive list of geolocation tracking points (latitude, longitude), a treasure trove of security and privacy gems for anyone who steals the phone.
http://www.computerworld.com/s/article/print/9245438/Evan_Schuman_Starb…
Starbucks have responded:
http://www.computerworld.com/s/article/print/9245492/Starbucks_vows_to_…
Starbuck's Official letter:
http://news.starbucks.com/views/security-of-starbucks-mobile-app-for-ios
One down...