Serviceteam IT Security News

The personal health information (PHI) of over 72,000 Walgreens customers has been exposed after looters broke into nearly 200 stores and stole prescriptions. 

America’s second-largest pharmaceutical chain contacted impacted customers in July to disclose the data breach. Walgreens spokesperson Jim Cohn told the Philadelphia Inquirer that 180 Walgreens stores had been looted but declined to state which specific ones. 

“As part of a comprehensive investigation and review of the damage, we learned there was also limited unauthorized access to certain patient information at some of these damaged locations,” Cohn said in a statement. 

Walgreens said that while paper records and filled prescriptions were swiped by looters, no financial information or Social Security numbers belonging to customers were exposed. 

In a breach notification letter dated July 24, Walgreens wrote: “Sometime between May 26 and June 5 2020, various groups of individuals broke into multiple Walgreens stores and forced entry into the secured pharmacy at select locations, including your preferred Walgreens.

“Among the many items stolen were certain items containing health-related information — such as filled prescriptions waiting for customer pick up and paper records.”

Sensitive information exposed in the spate of looting included customers’ full name, address, date of birth/age, phone number, email address, balance rewards numbers and photo ID numbers. Vaccination information was also exposed along with prescription details and clinical and health plan information.

The letter went on to state: “Upon learning of the potential compromise of information, Walgreens promptly took steps to close out and re-enter impacted prescriptions in our system to prevent potential fraud regarding the original prescription.”

Walgreens said that it was coordinating with local law enforcement where appropriate and had taken steps to reverse insurance claims for any stolen filled prescriptions that had already been billed to health plans. 

Impacted customers were offered one year of credit monitoring free of charge and were given advice on how to obtain and monitor credit reports. Customers were further advised to “follow-up with your insurance company or the care provider for any items you don’t recognize.”

According to data in the Office for Civil Rights (OCR) breach portal, the data breach may have affected 72,143 Walgreens customers.

Source: Infosecurity Magazine

With over 20 years of experience, Serviceteam IT design and deliver sophisticated connectivity, communication, continuity, and cloud services, for organisations that need to stay connected 24/7. We take the time to fully understand your current challenges, and provide a solution that gives you a clear understanding of what you are purchasing and the benefits it will bring you.

To find out how we can help you, call us on 0121 468 0101, use the Contact Us form, or why not drop in and visit us at 49 Frederick Road, Edgbaston, Birmingham, B15 1HN.

We’d love to hear from you!