Walgreens

Walgreens

Walgreens’ Covid-19 test registration system exposed patient data of millions of people who got Covid-19 tests through Walgreens.

The personal data — including your name, date of birth, gender identity, phone number, address, and email — was left on the open web for potentially anyone to see and for the multiple ad trackers on Walgreens’ site to collect.

However, Walgreens added an authentication screen to its Covid-19 test confirmation pages and made it mandatory for anyone who wants to access the test confirmation pages to enter the patient’s date of birth first.

Source: https://www.vox.com/recode/22623871/walgreens-covid-test-site-data-vulnerability

"id": "WAL221827123",
"linkid": "walgreens",
"type": "Data Leak",
"date": "09/2021",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.