Petronella Blog Archive

Visit our New Blog

CVS Photo Hacked

Blog Post

CVS Photo has suspended its service after discovering that its customers' credit card information may have been stolen.

The online photo printing service, which lets customers upload photos, create orders and pick up the photos at their local pharmacy, has said that customer credit card information collected by a third-party vendor might have been stolen, so they suspended the website and their app.  

The vendor is PNI Digital Media, which is a subsidiary of Staples.  You may recall that Staples suffered a major breach themselves last year,

CVS underscored that the photo printing service is separate from their medical and pharmaceutical side, so patients should have nothing to worry about.  They also haven't verified what, if anything, was actually stolen.  The standard credit card information is one possibility, but they haven't said whether digital images might have been another possible target of theft.