Starbucks has disclosed a data breach affecting hundreds of employees after threat actors gained access to their Starbucks Partner Central accounts.
As the world’s largest coffeehouse chain, Starbucks has over 380,000 employees (also known as partners) and operates nearly 41,000 locations across 88 countries.
In data breach notification letters filed with Maine’s Attorney General and sent to affected employees on Tuesday, the company says that it discovered the incident on February 6.
A joint investigation with external cybersecurity experts found that the attackers compromised 889 Starbucks Partner Central accounts used to manage employment details, personal information, benefits, and HR information.
Starbucks said the threat actors had access to affected individuals’ accounts between January 19 and February 11, but didn’t explain why it took five days to remove them from its systems.
“On or about February 6, 2026, Starbucks Corporation (‘Starbucks’ or ‘we’) became aware of potential unauthorized access to certain Starbucks Partner Central accounts,” the company said. “The investigation has determined that an unauthorized third party accessed certain Starbucks Partner Central accounts after obtaining the login credentials through websites impersonating Partner Central.”
The personal information exposed in the incident includes employees’ names, Social Security numbers, dates of birth, and financial account and routing numbers.
Starbucks notified law enforcement agencies after discovering the breach and advised employees to monitor their bank accounts for suspicious activity that could indicate fraud or identity theft. The company is also providing impacted partners with two years of free identity theft protection and credit monitoring service through Experian IdentityWorks.
“Upon learning of the incident, we took prompt steps to investigate the nature and scope of the incident and respond to it,” Starbucks added. “We also notified law enforcement and took measures to further strengthen security controls related to access to Starbucks Partner Central accounts.”
BleepingComputer reached out to a Starbucks spokesperson with questions about the incident, but no immediate response was available.
Starbucks’ Singapore division also confirmed a data breach affecting over 219,000 customers in September 2022, after a threat actor compromised the systems of a third-party vendor that stored the affected customers’ data.
The coffee chain was also hit by the aftermath of a Termite ransomware attack that affected Blue Yonder (Starbucks’ supply chain software provider) in November 2024.
Malware is getting smarter. The Red Report 2026 reveals how new threats use math to detect sandboxes and hide in plain sight.
Download our analysis of 1.1 million malicious samples to uncover the top 10 techniques and see if your security stack is blinded.