Skip to main content

Walgreens mobile app leaked some customers’ personal data

Some confidential messages sent to Walgreens customers via its mobile app were viewable by other customers, according to a Walgreens notification letter seen by ZDNet.

The app’s messaging feature allows registered customers to receive pharmacy alerts that include prescription refill notifications.

Related Videos

Walgreens said the data was exposed from January 9 until January 15.

“Once we learned of the incident, Walgreens promptly took steps to temporarily disable message viewing to prevent further disclosure and then implemented a technical correction that resolved the issue,” the company wrote in the letter.

The pharmacy giant’s investigation into the incident revealed that “certain messages containing limited health-related information were involved in this incident for a small percentage of impacted customers.”

Specifically, the data included a customer’s first and last name, prescription number and drug name, store number, and, in some cases, the shipping address.

The company pointed out that no financial data — including Social Security numbers and bank account information — was involved in the incident. Nevertheless, the idea that highly personal information linked to health matters may have been seen by random strangers is likely to be of some concern to those affected.

The letter from Walgreens also included information on action that affected customers can take to protect their data from misuse, such as tips on identity theft protection.

Walgreens’ mobile app has had more than 10 million installs on Android. The install count for iOS isn’t listed, though it has received more than 2.5 million ratings by those who use it. The app receives high scores on both app stores, making the security error all the more disappointing for those who had placed faith in Walgreens’ ability to look after their data.

We’ve reached out to the Illinois-based company to ask how many of its customers have been affected by the bug and we will update this piece when we hear back.

Of course, this isn’t the first time that a company trusted with customer information has left it exposed online, and it won’t be the last. Just recently, smart-device maker Wyze revealed a number of data breaches that left personal data linked to millions of its customers exposed online, while Microsoft, USPS, and Tumblr, among others, have also suffered similar incidents.

Editors' Recommendations

These Android apps are spying on you — and there’s no easy way to stop them
Illustration of a giant eye stalking through a phone

Android’s security woes need no introduction, but another threat that hasn’t received its fair share of awareness relates to spyware and stalkerware apps. These apps can secretly be installed on a victim’s phone to monitor their activity and can be exploited to harass victims of domestic abuse and engage in online stalking. All someone needs is physical access to the victim's phone to install these apps, which is not too difficult in cases of domestic abuse.

Call it an app-fueled version of AirTag stalking, but on steroids, because these spyware apps can steal everything including messages, call logs, emails, photos, and videos. Some can even activate the microphone and the camera, and secretly transfer these recordings to a remote server where the abuser can access it. Since Google Play's policies don't allow stalking apps, these apps are sold via third-party websites and need to be sideloaded.

Read more
The Galaxy Z Flip 5 may get a feature we’ve never seen before
Render of the Galaxy Z Flip 5 with two cover screens.

As we get closer to the launch of the Galaxy Z Flip 5, details have started surfacing more regularly. In February, we learned that the cover display will be much larger than the one found on the Galaxy Z Flip 4. Now, rumors seem to suggest that the new foldable will be the first of its kind sporting two discrete cover displays.

According to renders shared in a recent video by mobile insider SuperRoader, the Galaxy Z Flip 5's dual cover screens will greatly differentiate the foldable from the rest of its kind. The two screens are vastly different in size, and seem to serve two distinct functions.

Read more
You can now try the OnePlus 11 for free for 100 days — here’s how
Someone holding the OnePlus 11.

Buying a new smartphone is always a gamble in terms of customer satisfaction — mainly because they cost so much and can be so different from the device that the buyer is currently using.

To combat this, OnePlus is giving customers the chance to try the OnePlus 11 entirely risk-free. Starting today, the company is running the "100 Days No Regret" program, which allows OnePlus 11 buyers to use the new flagship for up to 100 days and still be eligible to return it for a full refund.

Read more