Phishing attack on Starbucks employee portal exposes nearly 900 workers
A phishing campaign targeting Starbucks’ internal employee portal has exposed the Social Security numbers and banking details of nearly 900 workers, and cybersecurity experts warn the damage could last for years.
Starbucks has disclosed a data breach affecting 889 employees after attackers gained unauthorised access to Starbucks Partner Central accounts, the internal platform workers use to manage their employment details, payroll, and benefits information.
The company discovered suspicious activity on 6 February 2026, with investigators finding that accounts had been compromised between 19 January and 11 February.
Attackers obtained valid login credentials by directing employees to fraudulent websites designed to impersonate the legitimate Partner Central login page, a phishing tactic that allowed them to authenticate into real accounts without ever directly breaching Starbucks’ core infrastructure.
The exposed data included full names, Social Security numbers, dates of birth, and financial account and banking routing numbers linked to direct deposit records.
Starbucks notified law enforcement, strengthened security controls on Partner Central, and confirmed the breach does not affect customers. The company is offering affected employees two years of free credit monitoring and identity protection through Experian IdentityWorks.
Cybersecurity experts have warned that the exposed data, including Social Security numbers and financial identifiers, retains value to criminal groups for years and cannot simply be reset like a password.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!