- Starbucks confirms February 2026 cyber attack on Partner Central
- 889 employee accounts compromised via credential theft
- Sensitive data exposed, including SSNs and financial details
Starbucks has confirmed that it suffered a cyber attack in early February 2026 and lost sensitive data on hundreds of its employees.
The company confirmed the news by filing a new report with the Maine Office of Attorney General, in which it also shared an example of the data breach notification letter it sent out to affected individuals, noting that it had become aware of “potential unauthorized access” to certain Starbucks Partner Central accounts on February 6, 2026.
Starbucks Partner Central is the company’s centralized HR and workplace platform, an internal online portal where employees (“Partners”) manage work-related tasks such as schedules, payroll, benefits, training and company updates.
The article continues below
Starbucks Partner Central accounts affected
Upon discovering the intrusion, Starbucks initiated an investigation and moved to contain the incident, notifying law enforcement in the process.
“The investigation has determined that an unauthorized third party gained access to certain Starbucks Partner Central accounts after obtaining the login information through websites impersonating Partner Central,” the announcement reads.
“Based on the types of information that can be seen on these accounts, some of your personal information may have been affected.”
At a minimum, this data includes people’s names, social security numbers, dates of birth and financial account numbers and routing numbers.
In the Maine AG filing, Starbucks said 889 Starbucks Partner Central accounts were compromised.
Starbucks is the largest coffeehouse chain in the world, operating more than 40,000 stores globally and with a presence in nearly 90 countries around the world. As of 2025, Starbucks employs about 381,000 people worldwide and reports about $37.2 billion in annual revenue.
This is not the first time Starbucks has been hit by hackers. In 2022, its offices in Singapore were hit, affecting nearly 220,000 customers, and two years later – in late 2024 – its supply chain software vendor Blue Yonder was hit by a Termite ransomware infection.
Via Bleeping Computer
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
