Starbucks app brings added convenience of storing your username, password, email, and geolocation in plain text on your phone.

Evan Shuman for Computerworld:

The Starbucks mobile app, the most used mobile-payment app in the U.S., has been storing usernames, email addresses and passwords in clear text, Starbucks executives confirmed late on Tuesday (Jan. 14). The credentials were stored in such a way that anyone with access to the phone can see the passwords and usernames by connecting the phone to a PC. No jailbreaking of the phone is necessary. And that clear text also displays an extensive list of geolocation tracking points (latitude, longitude), a treasure trove of security and privacy gems for anyone who steals the phone. link

Not a huge (venti) deal given a baddie would physically need your phone, but couldn't even a monkey1 implement some basic encryption on the personal data?

  1. Not this monkey perhaps.