CVS Pharmacy, Inc.

The California Office of the Attorney General reported that CVS Pharmacy, Inc. experienced a data breach involving unauthorized access to the CVSPhoto.com website between June 19, 2014, and July 14, 2015. The breach potentially affected customers' first and last names, payment card numbers, expiration dates, card verification codes, addresses, phone numbers, email addresses, and usernames and passwords, but not PIN numbers or photographic images. It is estimated that thousands of individuals' payment card information may have been compromised.

Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-57763

TPRM report: https://www.rankiteo.com/company/cvs-pharmacy

"id": "cvs534072725",
"linkid": "cvs-pharmacy",
"type": "Breach",
"date": "6/2014",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': 'Thousands',
                        'industry': 'Pharmacy',
                        'location': 'California',
                        'name': 'CVS Pharmacy, Inc.',
                        'type': 'Company'}],
 'attack_vector': 'Unauthorized Access',
 'data_breach': {'number_of_records_exposed': 'Thousands',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['first and last names',
                                              'payment card numbers',
                                              'expiration dates',
                                              'card verification codes',
                                              'addresses',
                                              'phone numbers',
                                              'email addresses',
                                              'usernames and passwords']},
 'date_detected': '2015-07-14',
 'description': 'The California Office of the Attorney General reported that '
                'CVS Pharmacy, Inc. experienced a data breach involving '
                'unauthorized access to the CVSPhoto.com website between June '
                '19, 2014, and July 14, 2015. The breach potentially affected '
                "customers' first and last names, payment card numbers, "
                'expiration dates, card verification codes, addresses, phone '
                'numbers, email addresses, and usernames and passwords, but '
                'not PIN numbers or photographic images. It is estimated that '
                "thousands of individuals' payment card information may have "
                'been compromised.',
 'impact': {'data_compromised': ['first and last names',
                                 'payment card numbers',
                                 'expiration dates',
                                 'card verification codes',
                                 'addresses',
                                 'phone numbers',
                                 'email addresses',
                                 'usernames and passwords'],
            'payment_information_risk': 'High',
            'systems_affected': ['CVSPhoto.com website']},
 'references': [{'source': 'California Office of the Attorney General'}],
 'title': 'CVS Pharmacy Data Breach',
 'type': 'Data Breach'}

CVS Pharmacy, Inc.

Wockhardt USA: Morton Drug Company Data Breach Impacts 40K; Attorneys Investigate

Freedom Mobile Data Breach: Hackers Steal Customer Info in 2025 Attack

Spectra Company: Spectra Logic Corporation Data Breach Investigation