Swiss Starbucks customers found vulnerable due to insecure WiFi

The investigation by SRF found that hackers could easily gain access to names, phone numbers, and e-mail addresses of customers at a Starbucks shop in Bern. Keystone

An investigation by Swiss Public Television, SRF, found that data wasn’t sufficiently protected when customers used WiFi at cafes in Switzerland of the global coffee chain.

This content was published on December 4, 2018 - 13:11
SRF/jdp

Free WiFi access at Starbucks - one of the great perks offered by the company – was investigated by the SRF consumer programme “Kassensturz”. The programme worked with experts at the Dreamlab cyber security firm to hack into the WiFi system at one of the Starbucks cafes in the Swiss capital, Bern.

The investigation revealed that with a free downloadable app, Dreamlab could quickly and easily find the so-called MAC-address of users (a unique identifier for every device connected to a network) that enable it to access data entered by customers. This includes customers' names, phone numbers, and e-mail addresses that could be used to steal identities and commit various crimes.

The federal data protection law clearly states that a WiFi operator must treat customer data confidentially and ensure its integrity as well as its protection.

Marc Peter from DreamLab and a professor of digital transformation explained that “public WiFi networks are generally seen as insecure. Especially those abroad shouldn’t be used”.

In a response to the "Kassensturz" report, a Starbucks spokesperson said there were no indications any customer data had been compromised and that in the meantime the company had implemented measures blocking access to customers' personal information.

This article was automatically imported from our old content management system. If you see any display errors, please let us know: community-feedback@swissinfo.ch

Share this story