Starbucks recently averted a public relations disaster and stock dive when a security researcher found an internal API that had exposed a Microsoft Graph instance that allowed anyone access to 100 million user records including names, emails, phone numbers, and addresses. Here's how. They closed the hole, but did not report whether any records had leaked prior to discovery...