Tagged: Walgreens Toggle Comment Threads | Keyboard Shortcuts

  • Geebo 8:00 am on September 15, 2021 Permalink | Reply
    Tags: , , , , Walgreens   

    Pharmacy data breach exposes millions of customers’ data 

    Pharmacy data breach exposes millions of customers' data

    By Greg Collier

    When someone entrusts a billion-dollar company with their medical information, you might assume that they take security seriously. After all, HIPAA violations are no joke. The largest HIPAA fine so far was $18 million paid by a major health insurance company after they feel for a phishing attack, exposing client data in the process. So, say you’re the largest pharmacy chain in the nation. You’ve also tested countless customers for COVID-19. You must have some kind of impenetrable security in place to keep all that information private, right? Maybe not according to security experts.

    A security consultant had his family tested for COVID-19 back in March at a local Walgreens. While getting his family’s test results, he discovered a flaw in Walgreens’ website that exposed customer information related to the COVID-19 tests. This information is said to have contained name, date of birth, phone number, address, and email along with other sensitive information. The consultant tried to get in touch with Walgreens to warn them about the flaw, but they allegedly ignored him. Tech news site, Recode, also investigated the flaw and notified Walgreens about it. Recode even gave Walgreens time to fix the vulnerability before they published their report, but according to Recode, the vulnerability still hasn’t been fixed.

    As of the time of this post, there has been no confirmation that any bad actor has come into possession of any customer information. However, that doesn’t necessarily mean they haven’t. If you used Walgreens for COVID-19 testing since July 2020, you may want to keep an eye on your credit report. This breach could be a potential treasure trove for identity thieves. The information could also be used by scammers to sound more legitimate since they have some personal details of your life.

     
  • Geebo 9:00 am on March 3, 2020 Permalink | Reply
    Tags: , , medical privacy, Walgreens   

    Major pharmacy leaks customer data 

    Major pharmacy leaks customer data

    Out of all your personal information that could be potentially exposed, it’s probably your medical history that you would least want to be public knowledge. After all, your medical information is the most personal information you have. It’s so personal, in fact, that Congress passed a monumental law back in 1996 to better protect patient privacy. That law was the Health Insurance Portability and Accountability Act, otherwise known as HIPAA. The government has been known to level heavy fines against medical providers when patient privacy has been. One of the nation’s leading pharmacies may now be getting ready to be on the receiving end of one of those record fines.

    Walgreens recently announced that their mobile app had a flaw that could have potentially exposed customer’s names along with the medication they’re taking and other health-related information. According to Walgreens

    The bug allowed “a small percentage of impacted customers” to view one or more personal messages containing limited health-related info of other app users “between January 9, 2020, and January 15, 2020.”

    However, they say that no customers’ financial information has been released. That’s not to say that medical information can’t be used for nefarious purposes. In the past, medical information that was made public has been used to blackmail people.

    Walgreens is said to be sending letters to those affected in the breach but they have also been quiet on the number of customers who have been affected. This isn’t the first time Walgreens has run afoul of HIPAA. In 2013, they were fined $1.4 million when a pharmacist inappropriately shared a customer’s medical data. Imagine how much the fine could potentially be now with a nationwide breach.

    Unfortunately, there’s not much a patient can do once their medical information is out in the wild. At best, they can sue the medical provider for damages but once medical information falls into the wrong hands it’s out there for good.

     
c
Compose new post
j
Next post/Next comment
k
Previous post/Previous comment
r
Reply
e
Edit
o
Show/Hide comments
t
Go to top
l
Go to login
h
Show/Hide help
shift + esc
Cancel