To be fair to the relevant authorities, the author does a terrible job of not sounding malicious.
That last paragraph in particular sounds more like a vindictive troublemaker than a concerned hypothetical and writing like that doesn't help your case.
To be a good security researcher, no doubt it often takes a devious mind. Now whether or not this deviousness is used for good or evil depends on temperament, upbringing and acceptance or ignorance by other parties.
You don't piss off a hacker. And these people have miles more persistence than other people. That's what makes these people good. I'm not saying they should flagrantly abuse laws but the morality and mentality of these people is usually break first and then think about the consequences. And that's exactly why lots of holes never get reported.
This blog post was written for _us_. Not for Starbucks.
It was written as the result of the pathetic replies that he got from them. So of course, it's going to sound _malicious_ because he's probably quite annoyed by their actions.
If you wanted to put a spin on things, you could claim that OP didn't actually contact Starbucks, and has just written this article to wind us all up ;-)
That last paragraph in particular sounds more like a vindictive troublemaker than a concerned hypothetical and writing like that doesn't help your case.