Subscribe

CVSPhoto.com goes dark in wake of breach: Should CVS customers worry?

The drugstore suspended online photo services while investigating a potential data breach that may have jeopardized customer credit information.

  • close
    A CVS pharmacy is seen in New York City, in this file photo taken July 28, 2010. The company's online photo services have been suspended due to a possible data breach.
    Mike Segar/Reuters/File
    View Caption
  • About video ads
    View Caption
of

CVS recently shut down its online photo services after discovering that a potential data breach may have compromised customer credit card information.

The drugstore chain did not say how many customers may have been affected, but said the breach was limited to transactions made through CVSPhoto.com; those who have made transactions in-store and through CVS’s main site, CVS.com, are safe.

CVS issued the following statement alerting customers of the attack:

We have been made aware that customer credit card information collected by the independent vendor who manages and hosts CVSPhoto.com may have been compromised. As a precaution, as our investigation is underway we are temporarily shutting down access to online and related mobile photo services. We apologize for the inconvenience.

Customers who provided credit card information for transactions on CVSPhoto.com are advised to check their credit card statements for any fraudulent or suspicious activity and to call their bank or financial institution to report anything of concern.

Customer registrations related to online photo processing and CVSPhoto.com are completely separate from CVS.com, optical.cvs.com, cvs.com/MinuteClinic on line bill pay and our pharmacies. Financial transactions on CVS.com, optical.cvs.com, cvs.com/MinuteClinic and in-store are not affected.

Nothing is more central to us than protecting the privacy and security of our customer information, including financial information. We are working closely with the vendor and our financial partners and will share updates as we know more.

For more information, call 1-800-SHOP-CVS.

The CVS hack comes on the heels of a massive cybersecurity breach at the US government’s Office of Personal Management compromised the information of 21.5 million people, resulting in the resignation of OPM chief Katherine Archuleta.

In recent years, large-scale retailers have become enticing targets for would be hackers. A massive breach at Target in 2013 put payment information of as many as 40 million people at risk. In March, Target paid $10 million to settle a class-action lawsuit stemming from that attack. A previous decision by a Minnesota judge opened the door for that suit, and potentially set a new precedent for retailers that fail to protect consumer data from hackers, Monitor correspondent Jaikumar Vijayan previously reported for Passcode.

About these ads
Sponsored Content by LockerDome
 
 
Make a Difference
Inspired? Here are some ways to make a difference on this issue.
FREE Newsletters
Get the Monitor stories you care about delivered to your inbox.
 

We want to hear, did we miss an angle we should have covered? Should we come back to this topic? Or just give us a rating for this story. We want to hear from you.

Loading...

Loading...

Loading...

Save for later

Save
Cancel

Saved ( of items)

This item has been saved to read later from any device.
Access saved items through your user name at the top of the page.

View Saved Items

OK

Failed to save

You reached the limit of 20 saved items.
Please visit following link to manage you saved items.

View Saved Items

OK

Failed to save

You have already saved this item.

View Saved Items

OK