A recent incident has resulted in the email addresses of some Walgreens customers who receive special offers and newsletters from the company to fall into the hands of cybercrimals.
As a result, customers were spammed with email messages asking them visit another site (hosted by a cybercriminal) and enter personal data.
The company emphasized that only email addresses were obtained and that no personally identifiably information was collected as a result of the unauthorized access, as such data is not contained in the email system, and no access was gained to Walgreens consumer data systems.
A spokesperson from Walgreens said that company has voluntarily contacted the appropriate authorities and are working with them regarding the incident.
The company declined to comment on the number of email addresses that may have been obtained. The company has not responded as of publishing time on if the email data was hosted internally or with a third party email services provider.
The official statement provided to SecurityWeek from Walgreens is as follows:
“We recently became aware of unauthorized access to an email list of customers who receive special offers and newsletters from us. Customer passwords, account information, prescription and any other personally identifiable information were not at risk because such data is not contained in the email system, and no access was gained to Walgreens consumer data systems. Although only email addresses were obtained, we believe it is important to inform our customers that, as a result, they may have received spam email messages asking them to go to another website and enter personal data.”
Related News: Major Retailer Suffers System Intrusion – Payment Systems Compromised

More from SecurityWeek News
- Threat Hunting Summit Virtual Event NOW LIVE
- Video: ESG – CISO’s Guide to an Emerging Risk Cornerstone
- Threat Modeling Firm IriusRisk Raises $29 Million
- SentinelOne Announces $100 Million Venture Fund
- Today: 2022 CISO Forum Virtual Event
- Cymulate Closes $70M Series D Funding Round
- SecurityWeek to Host CISO Forum Virtually September 13-14, 2022: Registration is Open
- Privilege Escalation Flaw Haunts VMware Tools
Latest News
- Consolidate Vendors and Products for Better Security
- Pharmaceutical Giant Eisai Takes Systems Offline Following Ransomware Attack
- Vulnerabilities in Honda eCommerce Platform Exposed Customer, Dealer Data
- North Korean Hackers Blamed for $35 Million Atomic Wallet Crypto Theft
- Cisco Patches Critical Vulnerability in Enterprise Collaboration Solutions
- Barracuda Urges Customers to Replace Hacked Email Security Appliances
- Android’s June 2023 Security Update Patches Exploited Arm GPU Vulnerability
- BBC, British Airways, Novia Scotia Among First Big-Name Victims in Global Supply-Chain Hack
