Independent Security Researcher,from Egypt, has found three critical vulnerabilities on StarBucks website that could have allowed attackers to take over your account in just one click. The vulnerabilities include: Remote File Inclusion, Remote Code Execution and CSRF (Cross Site Request Forgery) and Phishing Attacks. The flaws were fixed by StarBuck team nearly ten days ago, but the researcher is still waiting for the reply and bug bounty from the company, as the company started the bug bounty program just two months ago.
Source: https://thehackernews.com/2015/09/hacking-starbukcs-password.html