Starbucks says its popular mobile app has not been hacked, contradicting multiple media reports that intruders have hijacked the accounts of hundreds of the coffee chain’s customers, siphoned off the value stored on the smartphones, and then used the auto-reload function to steal debit and credit card information.
“Starbucks takes the obligation to protect customers’ information seriously. News reports that the Starbucks mobile app has been hacked are false,” the company said in a statement on Wednesday.
Starbucks can ill-afford any bad publicity around the app. Its mobile payment service is an industry-leading success, behind some 16% of purchases, its CEO Howard Schulz told investors in January. The app helps foster customer loyalty but also reduces the interchange transaction fees charges it would pay credit and debit card issuers. What’s more, the app will play a key role in Starbucks’ upcoming delivery service.
Though Starbucks has denied this kind of hack has happened, the reports have raised questions about whether cyber-thugs are going after firms that create alternative payment systems because of how hard it is to intrude on the financial institutions’ systems.
Some media reported that hackers got into Starbucks cards and apps by getting password and user names from customers’ other accounts.
Starbucks encouraged customers to use different ID’s and password for the different sites they use, use complex passwords that mix lower-case and smaller-case letters, as well as numbers.
A number of prominent companies have been hit by cyber-criminals, sometimes to devastating effect. Target lost hundreds of millions of dollars because of a 2013. Other big names have included JP Morgan, Home Depot, Neiman Marcus and Michaels.
This story originally appeared on Fortune Magazine