Walgreens Mobile App Leaked Users’ Personal Data Due “Bug”

  •  
  •  
  •  
  • 1
  •  
  •  
  •  
    1
    Share

Walgreens, the popular pharmacy store in the United States, has recently confessed to a security flaw. As revealed, a bug existed in the Walgreens mobile app that consequently leaked data of users.

Walgreens App Leaked Data

The second-largest pharmacy store Walgreens has recently admitted a security incident. It turns out that the Walgreens mobile app leaked users’ personal data online due to a bug.

Disclosing the incident via a breach notification letter sent to their users, the company stated that they noticed a flaw with their mobile app’s personal secure messaging feature. This flaw exposed users’ personal messages to other users.

Our investigation determined that an internal application error allowed certain personal messages from Walgreens that are stored in a database to be viewable by other customers using the Walgreens mobile app.

As they observed, some of the exposed messages contained health-related information of users.

Specifically, the exposed details included users first names, last names, prescription number, drug name, shipping address, and store number. Fortunately it did not include any financial information or sensitive details such as Social Security Numbers.

Bug Now Fixed

Upon discovering the flaw, Walgreens immediately worked to resolve the matter. First, they temporarily disabled the message viewing feature to prevent further exposure of data. Then, they resolved the technical glitch.

Nonetheless, since the incident did affect some users they reached out to them via incident disclosure.

We believe that you were part of the impacted customer group and that one or more personal messages containing your limited health-related information may have been viewed by another customer on the Walgreens mobile app between January 9, 2020, and January 15, 2020.

Let us know your thoughts in the comments.

The following two tabs change content below.

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Do NOT follow this link or you will be banned from the site!