Customer card data compromised at CVSphoto

The pharmacy chain CVS took down its CVS Photo website today and replaced it with a warning that “customer credit card information collected by the independent vendor who manages and hosts may have been compromised.”

The company is shutting down access to online and mobile photo services “as a precaution” while the investigation goes on.

Security expert Brian Krebs, who first called attention to the breach this morning, also noted that Walmart Canada discovered a similar breach in its online photo site last week.

The announcement on says that “Customer registrations related to online photo processing and are completely separate from and our pharmacies,” and that transactions in-store or at don’t appear to be affected.

The company promises to offer updates as more information becomes available, and in the meantime, anyone seeking more information is invited to call 1-800-SHOP-CVS.

One thought on “Customer card data compromised at CVSphoto

If you don't comment, I'll just assume you agree with me

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s