Walgreens warns mobile app users that personal data may have been leaked

Walgreens is alerting consumers about a vulnerability in its mobile app that exposed users' personal information, according to ZDNet.

The vulnerability was found in the app's personal messaging feature that was thought to be secure. Upon investigation, Walgreens determined "an internal application error allowed certain personal messages from Walgreens that are stored in a database to be viewable by other customers using the Walgreens mobile app," reports ZDNet.

The bug allowed users to view other users' personal data and drug prescription details between Jan. 9-15. Patient data that may have been exposed included names, prescription details, store numbers and shipping addresses.

Walgreens fixed the flaw on Jan. 15 by disabling the message viewing feature and installing a permanent correction. Although it's unclear how many patients were affected, Walgreens said that sensitive drug prescription data was only exposed for a small percentage of users.

More articles on cybersecurity:
Texas provider alerts 6,500 patients of phishing attack
Connecticut payer alerts 1,100 members of phishing attack
10 tips for hospitals to mitigate ransomware attacks

© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Featured Webinars

Featured Whitepapers