Walgreen, a US pharmacy chain stated on Friday that it had been the victim of a data breach that exposed the personal detail of some of its mobile app users. The mobile app contained a bug that allowed users to view other users’ personal data and drug prescription details. This bug was in effect from Thursday, January 9 to Wednesday, January 15. The leak also exposed details such as first and last name, store number, and shipping addresses when available.
Walgreens notified their customers, stating that their investigation concluded that an internal application error allowed certain personal messages from Walgreens to be viewable by other customers. Walgreens stated that they learned of the error on January 15 and promptly fixed it the same day. Walgreens also took measures to disable the message viewing feature as well as conducting additional testing to verify that their app is more secure in the future.
Read More: Walgreens says mobile app leaked users’ personal data