CVS Health investigates potential 3rd-party data breach

WOONSOCKET, R.I. - CVS Health on Friday temporarily shut down access to its online and related mobile photo services as the company investigates a potential data breach. The company's online transactions and in-store POS is not impacted. 

 

"We have been made aware that customer credit card information collected by the independent vendor who manages and hosts CVSPhoto.com may have been compromised," CVS Health stated on its site. "As a precaution, as our investigation is underway we are temporarily shutting down access to online and related mobile photo services. We apologize for the inconvenience."

 

Customer registrations related to online photo processing and CVSPhoto.com are completely separate from CVS.com and its pharmacies. And financial transactions on CVS.com and in-store are not affected, the retailer stated.

 

"Nothing is more central to us than protecting the privacy and security of our customer information, including financial information. We are working closely with the vendor and our financial partners and will share updates as we know more," CVS noted.