The Starbucks app for the iPhone apparently stores the username, email address and password in clear text. The issue was discovered by Daniel E. Wood. Starbucks issued an app update later on Thursday with a rather vague release note. There was no alerting of their customers to issue yet. There seems to be a fundamental lack of understanding here to say nothing of the awkward attempt to detract from the risk by calling them out as “theoretical vulnerabilities”. The information was being stored in cleared text not in transit.”]
Source: https://www.csoonline.com/article/2136222/starbucks–strong-coffee–clear-passwords-.html