https://community.isc2.org/t5/Tech-Talk/Starbucks-APIs-Broken/m-p/36618#M2804 <P>Starbucks recently averted a public relations disaster and stock dive when a security researcher found an<SPAN>&nbsp;internal API that had exposed a Microsoft Graph instance that allowed anyone access to 100 million user records including names, emails, phone numbers, and addresses. Here's <A href="https://medium.com/@hungrybytes/hacking-starbucks-and-accessing-nearly-100-million-customer-records-d0ae4bf25e9b" target="_blank" rel="noopener">how</A>. They closed the hole, but did not report whether any records had leaked prior to discovery...</SPAN></P><P>&nbsp;</P><P>&nbsp;</P> Mon, 09 Oct 2023 09:33:30 GMT AppDefects 2023-10-09T09:33:30Z https://community.isc2.org/t5/Tech-Talk/Starbucks-APIs-Broken/m-p/36618#M2804 <P>Starbucks recently averted a public relations disaster and stock dive when a security researcher found an<SPAN>&nbsp;internal API that had exposed a Microsoft Graph instance that allowed anyone access to 100 million user records including names, emails, phone numbers, and addresses. Here's <A href="https://medium.com/@hungrybytes/hacking-starbucks-and-accessing-nearly-100-million-customer-records-d0ae4bf25e9b" target="_blank" rel="noopener">how</A>. They closed the hole, but did not report whether any records had leaked prior to discovery...</SPAN></P><P>&nbsp;</P><P>&nbsp;</P> Mon, 09 Oct 2023 09:33:30 GMT https://community.isc2.org/t5/Tech-Talk/Starbucks-APIs-Broken/m-p/36618#M2804 AppDefects 2023-10-09T09:33:30Z