Starbucks Singapore said Friday its customer database was breached online, with local media reporting that 200,000 people’s information was stolen.
The coffee chain — a licensed Starbucks franchise owned by Hong Kong-based Maxim’s Caterers — said in an email to customers that it had “discovered… some unauthorized access” to details such as names, gender, dates of birth, phone numbers and home addresses.
“Relevant authorities have been informed and Starbucks Singapore is assisting them on this matter,” said the email seen by AFP.
The company said it was made aware of the breach on September 13, and that no credit card details were taken as it does not store them.
It urged customers to reset their passwords.
A public relations agency representing Starbucks Singapore told AFP it was “unable to disclose the number of affected customers”.
The Straits Times said 200,000 customers’ data was stolen and put on sale in an online forum on September 10.
One copy of the database had already been sold for Sg$3,500 ($2,500), the newspaper added.
The city-state’s Personal Data Protection Commission told AFP it had been notified about the incident and has reached out to Starbucks Singapore for more information.