The California Office of the Attorney General reported that Walgreen Co. experienced a data breach on January 15, 2020, which allowed unauthorized viewing of personal messages within the Walgreens mobile app. The breach affected messages containing limited health-related information of customers and involved a potential exposure of customer names, prescription numbers, and addresses. The notification was reported on February 28, 2020.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-187787
TPRM report: https://www.rankiteo.com/company/walgreens
"id": "wal748072525",
"linkid": "walgreens",
"type": "Breach",
"date": "1/2020",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Healthcare',
'name': 'Walgreen Co.',
'type': 'Company'}],
'attack_vector': 'Mobile App Vulnerability',
'data_breach': {'personally_identifiable_information': ['Customer names',
'Prescription numbers',
'Addresses'],
'sensitivity_of_data': 'Medium',
'type_of_data_compromised': ['Customer names',
'Prescription numbers',
'Addresses',
'Limited health-related '
'information']},
'date_detected': '2020-01-15',
'date_publicly_disclosed': '2020-02-28',
'description': 'Unauthorized viewing of personal messages within the '
'Walgreens mobile app, exposing limited health-related '
'information of customers.',
'impact': {'data_compromised': ['Customer names',
'Prescription numbers',
'Addresses',
'Limited health-related information'],
'systems_affected': ['Walgreens mobile app']},
'references': [{'date_accessed': '2020-02-28',
'source': 'California Office of the Attorney General'}],
'title': 'Walgreen Co. Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Unauthorized Access'}