Security News > 2020 > March > Walgreens Discloses Data Breach Related to Mobile App
Pharmacy store chain Walgreens has started informing some users of its mobile application that their personal and health-related information may have been seen by other customers.
The Walgreens mobile application allows users to shop, refill their prescriptions, get pill reminders, consult a doctor or pharmacist via a live chat feature, print photos in stores, obtain rewards, and store coupons.
A notification letter sent out by Walgreens to impacted customers informs them that one or more of their messages within the Walgreens mobile application may have been viewed by other users of the app due to an "Error." The letter was published on February 28 on the website of the California Attorney General.
"Our investigation determined that an internal application error allowed certain personal messages from Walgreens that are stored in a database to be viewable by other customers using the Walgreens mobile app. Once we learned of the incident, Walgreens promptly took steps to temporarily disable message viewing to prevent further disclosure and then implemented a technical correction that resolved the issue," reads the letter signed by Rina Shah, VP of pharmacy operations at Walgreens.
"Walgreens promptly took steps to disable the message viewing feature within the Walgreens mobile app to prevent further disclosure until a permanent correction was implemented to resolve the issue. Walgreens will conduct additional testing as appropriate for future changes to verify the change will not impact the privacy of customer data," Shah wrote.
News URL
Related news
- Yacht retailer MarineMax discloses data breach after cyberattack (source)
- OWASP discloses data breach caused by wiki misconfiguration (source)
- AT&T faces lawsuits over data breach affecting 73 million customers (source)
- SurveyLama data breach exposes info of 4.4 million users (source)
- US cancer center data breach exposes info of 827,000 patients (source)
- Home Depot confirms third-party data breach exposed employee info (source)
- AT&T now says data breach impacted 51 million customers (source)
- CISA warns about Sisense data breach (source)
- Hacker claims Giant Tiger data breach, leaks 2.8M records online (source)
- Cisco Duo warns third-party data breach exposed SMS MFA logs (source)