A threat group calling themselves ShadowByt3s (posted by BlackVortex1) claims to have breached Starbucks by compromising the sbux-assets S3 bucket and exfiltrating 10 GB of proprietary source code, firmware, and global management tools. The group provided proof via Mega.nz and Telegram, is recruiting insiders with a 30/70 split, set a ransom deadline of April 5, 2026 at 5:00 PM, and the exposed beverage dispenser and Mastrena II firmware create critical operational and supply-chain risks. #ShadowByt3s #Starbucks
Keypoints
- ShadowByt3s (BlackVortex1) claims to have exfiltrated 10 GB of data from the sbux-assets S3 bucket belonging to Starbucks.
- Stolen files include beverage dispenser firmware (hex), Mastrena II espresso machine logic, FreshBlends smoothie station code, and controller firmware for Siren System/Blue Sparq.
- Global Management UI source code, an Inventory Management Portal, operational monitoring tools, JavaScript bundles with API endpoints, source maps, and SCSS files were exposed.
- The actor posted proof via Mega.nz and Telegram, is recruiting insiders with a 30/70 revenue split, and set a ransom deadline of April 5, 2026 at 5:00 PM.
- Exposure of firmware and OT control logic poses critical risks including hardware manipulation, supply-chain attacks, and competitive reverse engineering of Starbucks automation technology.
DarkWebInformer.com Providing intel from some of the darkest places on the Dark Web & Clearnet. Breaches, Darknet Markets, Ransomware, Threat Alerts, & more!