- Starbucks confirms February 2026 cyberattack on Partner Central
- 889 employee accounts compromised through credential theft
- Sensitive data exposed, including social security numbers and financial details
Starbucks has confirmed that it suffered a cyberattack in early February 2026, losing confidential data of hundreds of its employees.
The company confirmed the news by filing a new report with the Maine Attorney General’s Office, in which it also shared a sample of the data breach notification letter it sent to affected individuals, noting that it had learned of “possible unauthorized access” to certain Starbucks Partner Central accounts, on February 6, 2026.
Starbucks Partner Central is the company’s centralized human resources and workplace platform, an internal online portal where employees (“partners”) manage work-related tasks such as schedules, pay statements, benefits, training and company updates.
Article continues below.
Starbucks Partner Central accounts are affected
After detecting the intrusion, Starbucks launched an investigation and took steps to contain the incident, notifying authorities in the process.
“The investigation has determined that an unauthorized third party accessed certain Starbucks Partner Central accounts after obtaining login credentials through websites impersonating Partner Central,” the notice reads.
“Depending on the types of information visible within those accounts, some of your personal information may have been affected.”
That data includes at least people’s names, Social Security numbers, dates of birth, and financial account numbers and routing numbers.
In the Maine AG filing, Starbucks said 889 Starbucks Partner Central accounts were compromised.
Starbucks is the largest coffee chain in the world, with more than 40,000 stores worldwide and a presence in almost 90 countries around the world. In 2025, Starbucks employs around 381,000 people worldwide and reports around $37.2 billion in annual revenue.
This is not the first time Starbucks has been attacked by hackers. In 2022, its offices in Singapore were attacked, affecting nearly 220,000 customers, and two years later, in late 2024, its supply chain software provider, Blue Yonder, suffered a Termite ransomware infection.
Through beepcomputer
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds. Be sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp also.
