Starbucks disclosed a data breach affecting 889 employees after threat actors used impersonating websites to gain access to Starbucks Partner Central accounts. Exposed data includes names, Social Security numbers, dates of birth, and financial account details, leading to identity theft risk.
Weaponization
Deceptive Websites Lure Employees
confirmed
Threat actors created websites impersonating Starbucks Partner Central to trick employees into divulging their login credentials, initiating the attack.
Defender cut points
Security awareness training on phishing recognitionEmail gateway filtering for malicious linksWeb filtering to block known malicious sites
