Valentine In The Morning

Valentine In The Morning

Valentine In The Morning Show is on air from 5am-10am. Valentine, Jill and Jon Comouche are the morning show.

 

Over 1 Billion CVS Data Records Accidentally Exposed!

Business Signage

Photo: Getty Images North America

More than a billion search records belonging to CVS Health was accidentally posted online and accessible to the public earlier this spring. An unsecured database was discovered at the end of March by independent cybersecurity researcher Jeremiah Fowler who alerted the company to the exposure. The exposed records included a large number of searches on CVS Pharmacy websites for COVID-19 vaccines and other medications. A CVS spokesperson confirmed to ABC News that as soon as they became aware of the exposure, they immediately took down the database, which was hosted by a third-party vendor. CVS wants to emphasize that the records did not include any personal customer, patient, or member information. However, some of the information revealed in those searches could have helped link to someone's identity. Fowler said,

"Some search entries included email addresses and should be a wake-up call for companies to ensure their data security is solid. There were certain times where individuals put their own email addresses into the search bar and then that correlated with a visitor ID and user ID, and then usually it showed what they searched for. So, hypothetically, you could have connected those three and figured it out. Logically, once you had an email and could see medications, there's all kinds of things you could do with it."

A CVS spokesperson said they've addressed the issue with the vendor in question to prevent this from happening again in the future. You can see the full statement below:

"In March of this year, a security researcher notified us of a publicly accessible database that contained non-identifiable CVS Health metadata. We immediately investigated and determined that the database, which was hosted by a third party vendor, did not contain any personal information of our customers, members, or patients. As the researcher's report indicates, there was no risk to customers, members or patients, and we worked with the vendor to quickly take the database down. We've addressed the issue with the vendor to prevent a recurrence and we thank the researcher who notified us about this matter."

Photo Credit: Getty Images


Sponsored Content

Sponsored Content