Walgreens mobile app leaked some customers’ personal data
Walgreens mobile app leaked some customers’ personal data
Some confidential messages sent to Walgreens customers via its mobile app were viewable by other customers, according to a Walgreens notification letter seen by ZDNet.
The app’s messaging feature allows registered customers to receive pharmacy alerts that include prescription refill notifications.
Walgreens said the data was exposed from January 9 until January 15.
“Once we learned of the incident, Walgreens promptly took steps to temporarily disable message viewing to prevent further disclosure and then implemented a technical correction that resolved the issue,” the company wrote in the letter.
The pharmacy giant’s investigation into the incident revealed that “certain messages containing limited health-related information were involved in this incident for a small percentage of impacted customers.”
Specifically, the data included a customer’s first and last name, prescription number and drug name, store number, and, in some cases, the shipping address.
The company pointed out that no financial data — including Social Security numbers and bank account information — was involved in the incident. Nevertheless, the idea that highly personal information linked to health matters may have been seen by random strangers is likely to be of some concern to those affected.
The letter from Walgreens also included information on action that affected customers can take to protect their data from misuse, such as tips on identity theft protection.
Walgreens’ mobile app has had more than 10 million installs on Android. The install count for iOS isn’t listed, though it has received more than 2.5 million ratings by those who use it. The app receives high scores on both app stores, making the security error all the more disappointing for those who had placed faith in Walgreens’ ability to look after their data.
We’ve reached out to the Illinois-based company to ask how many of its customers have been affected by the bug and we will update this piece when we hear back.
Of course, this isn’t the first time that a company trusted with customer information has left it exposed online, and it won’t be the last. Just recently, smart-device maker Wyze revealed a number of data breaches that left personal data linked to millions of its customers exposed online, while Microsoft, USPS, and Tumblr, among others, have also suffered similar incidents.
Source:- digitaltrends
Share:
- Amazon autonomous delivery bot expands to Atlanta and Tennessee’s Franklin |
- Ford employees ask the company to stop making police cars |
- Why 2020 is a rare window in time that’s hard to see beyond |
- Wi-Fi 6 is the fastest standard yet, but Wi-Fi 6E will take it to another level |
- The FDA Revokes Its Emergency Use Authorization for Hydroxychloroquine |
- FDA revokes emergency authorization for chloroquine and hydroxychloroquine in COVID-19 treatment |
- A sneak peek at 29 new movies and shows coming to Netflix in July |
- Snapchat ex-employees say past editorial practices were racially biased |
- Foreign hackers targeted Trump and Biden campaign Gmail accounts, Google says |
- Razer Ornata v2 keyboard remains a mechanical-membrane-mashup fave |
- T-Mobile touts that it now has 5G coverage in all 50 states |
- Important Google Drive Sharing Change Impacts Millions Of Users |
- Elon Musk’s SpaceX is hiring: Take a look at some of the positions |
- Best Memorial Day Sales 2020: The deals are rolling in |
- You can now have your very own digital avatar on Facebook and Messenger |
- Pizza Hut is giving away 500,000 free pizzas |
- Coronavirus (COVID-19) in the U.S. – Statistics & Facts |
- “Straining Credulity”: US Reveals Details Of Sunlight Study On COVID-19 |
- Tax day delayed again? Coronavirus concerns spark calls for October deadline |
- Ring’s new privacy features make the smart doorbells easier to recommend |