3 retail pharma giants disclose data breaches from break-ins: What to know

In late July, three of the biggest retail pharmacy chains in the country began notifying patients of potential data breaches that occurred during break-ins that arose from national unrest in late May and early June.

Here are the key facts Becker's Hospital Review reported regarding the possible exposure of patient information.


Will Center, director of health and wellness HIPAA compliance at Walmart, wrote a letter to an undisclosed amount of individuals explaining that their personal information had been breached during break-ins that occurred during national unrest. Intruders could have items with patient information printed on them, such as names, addresses, phone numbers, medication names and strengths, prescription numbers and names, and fill dates.

Walmart said it sent the letter "out of an abundance of caution" in a July 23 statement emailed to Becker's. "The intruders primarily stole prescriptions ready for pickup, which are medications labeled with patient name and medication information," the company wrote.


CVS reported a data breach that affected 21,289 individuals to HHS on July 24. Amid break-ins occurring from May 27 to June 8, patients' names, birth dates, addresses, medication names and prescriber information, in addition to information about primary care providers, may have been exposed to intruders.

The retail pharma giant has notified the affected patients and says it has not received reports of any evidence that patient information was misused. 


On July 24, Walgreens sent letters to customers telling them that stores nationwide were affected by a potential breach of patient data between May 26 and June 5. During break-ins amid national unrest, the company said intruders stole filled prescriptions and paper records with health information, potentially exposing data including customer names and ages, medication names and dosages, prescription numbers and prescriber names, health plan names and group numbers, and vaccination information, as well as patients' addresses, phone numbers and email addresses. 

A Walgreens spokesperson told The Philadelphia Inquirer that about 180 stores were affected. The company also said credit card numbers, banking information and Social Security numbers were not affected. 

Ban distracting music in drug ads, consumers advocates urge FDA

Copyright © 2023 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.


Featured Whitepapers

Featured Webinars