CVS’s online photo service has been shut down due to a possible data breach the company said on Friday. The company said that customers who used the CVS website (other than the photo section) and those who shopped in stores are not affected. PNI Digital Media is the company that runs the photo website for CVS as well as Walmart Canada’s photo website which was also recently compromised. PNI’s range includes 19,000 retail locations and 8,000 in-store kiosks so there’s no telling yet how all that has been impacted. CVS is conducting its own investigation and more details should come forth soon. Here is CVS’s full comment on the matter.
We have been made aware that customer credit card information collected by the independent vendor who manages and hosts CVSPhoto.com may have been compromised. As a precaution, as our investigation is underway we are temporarily shutting down access to online and related mobile photo services. We apologize for the inconvenience.
Customers who provided credit card information for transactions on CVSPhoto.com are advised to check their credit card statements for any fraudulent or suspicious activity and to call their bank or financial institution to report anything of concern.
Customer registrations related to online photo processing and CVSPhoto.com are completely separate from CVS.com, optical.cvs.com, cvs.com/MinuteClinic on line bill pay and our pharmacies. Financial transactions on CVS.com, optical.cvs.com, cvs.com/MinuteClinic and in-store are not affected.
Nothing is more central to us than protecting the privacy and security of our customer information, including financial information. We are working closely with the vendor and our financial partners and will share updates as we know more.
For more information, call 1-800-SHOP-CVS.
This latest data breach just adds to the pile of retail and consumer data breaches that have been hitting US companies over the past year and a half. One can only hope that these companies are spending time, research and money into figuring out how they can make their systems safer and more secure.