- Starbucks confirms February 2026cyberattack on Partner Central
- 889 employee accounts compromised via credential theft
- Sensitive data exposed, including SSNs and financial detail
Starbucks has confirmed suffering a cyberattack in early February 2026, losing sensitive data on hundreds of its employees.
The company confirmed the news by filing a new report with the Maine Office of the Attorney General, in which it also shared a sample of the data breach notification letter it sent out to the affected individuals, noting it had become aware of “potential unauthorized access” to certain Starbucks Partner Central accounts, on February 6, 2026.
Starbucks Partner Central is the company’s centralized HR and workplace platform, an internal online portal where employees (“partners”) manage work-related tasks such as schedules, pay statements, benefits, training, and company updates.
Starbucks Partner Central accounts hit
After spotting the intrusion, Starbucks launched an investigation and moved to contain the incident, notifying law enforcement in the process.
“The investigation has determined that an unauthorized third party accessed certain Starbucks Partner Central accounts after obtaining the login credentials through websites impersonating Partner Central,” the notice reads.
“Based on the types of information viewable within those accounts, some of your personal information may have been impacted.”
That data includes at least people’s names, social security numbers, dates of birth, and financial account numbers and routing numbers.
In the Maine AG filing, Starbucks said 889 Starbucks Partner Central accounts were compromised.
Starbucks is the biggest coffeehouse chain in the world, running more than 40,000 stores globally, and with a presence in almost 90 countries around the world. As of 2025, Starbucks employs around 381,000 people worldwide, reporting around $37.2 billion in annual revenue.
This is not the first time Starbucks was hit by hackers. In 2022, its offices in Singapore were struck, affecting almost 220,000 customers, and two years later - in late 2024 - its supply chain software provider Blue Yonder was hit with a Termite ransomware infection.
Via BleepingComputer
