Starbucks has disclosed a data breach affecting hundreds of individuals after attackers gained access to internal employee accounts through phishing sites impersonating the company’s Partner Central portal.
The incident exposed sensitive personal and financial information belonging to current or former employees.
According to a breach notification filed with the Maine Attorney General’s Office, the incident affected 889 individuals and occurred between January 19 and February 11, 2026. Starbucks discovered the suspicious activity on February 6, 2026, and began notifying affected individuals on March 10, 2026.
Starbucks said it detected unauthorized access to certain Partner Central accounts, an internal portal used by Starbucks employees to manage payroll, benefits, and employment information.
An investigation determined that the attacker obtained login credentials via websites that impersonated the Partner Central login page, effectively tricking employees into entering their account details. Once the credentials were captured, the unauthorized party used them to access legitimate Partner Central accounts.
Starbucks said it launched an investigation immediately upon detecting the activity, engaged external experts, and notified law enforcement authorities.
The company stated that the accounts potentially exposed multiple categories of sensitive personal information, including:
- Full names
- Social Security numbers
- Dates of birth
- Financial account and routing numbers
These data elements were viewable within the compromised Partner Central accounts and may have been accessed by the attacker during the intrusion.
Because the exposed information includes Social Security numbers and banking details, affected individuals face potential risks such as identity theft or financial fraud if the data is misused.
Starbucks Corporation, headquartered in Seattle, Washington, is one of the world’s largest coffeehouse chains, operating more than 38,000 stores globally and employing hundreds of thousands of workers. The company relies on its Partner Central platform to provide employees with access to HR records, pay information, and internal resources, making the system a valuable target for credential-phishing campaigns.
While the number of individuals affected appears relatively limited compared to large-scale breaches, the sensitivity of the exposed data increases the potential impact on victims.
Starbucks said it took immediate steps to contain the incident and to strengthen security controls for Partner Central access. The company did not disclose the exact security measures implemented, but confirmed that additional protections were put in place after the breach was identified.
To help mitigate potential harm, Starbucks is offering impacted individuals 24 months of complimentary Experian IdentityWorks identity protection services, which include credit monitoring, dark web surveillance, identity restoration assistance, and up to $1 million in identity theft insurance.
Leave a Reply