Data Breaches

Breach Subtotal

Breach Type: all
Organization Type: all
Year(s) of Breach: all
Company or Organization:
Date Made Public:
January 30, 2019
Company: CVS Pharmacy
Location: , Rhode Island
Type of breach:
PHYS
Type of organization:
MED
Records Breached:
5,645

Location of breached information: Paper/Films

Business associate present: Yes

Information Source:
US Department of Health and Human Services
Date Made Public:
October 13, 2017
Company: CVS Pharmacy
Location: , Rhode Island
Type of breach:
PHYS
Type of organization:
MED
Records Breached:
836

Location of breached information: Paper/Films

Business associate present: No

Information Source:
US Department of Health and Human Services
Date Made Public:
July 18, 2015
Company: CVS Pharmacy, Imperial Beach
Location: Imperial Beach, California
Type of breach:
INSD
Type of organization:
BSR
Records Breached:
100

A pharmacy technician at the CVS Pharmacy on Saturn Boulevard in Imperial Beach California has admitted to stealing customer records and providing the information to her property manager who then used the information to gain credit and credit cards.

An further investigation is currently being conducted. The California State Board of Pharmacy has suspended the license of the pharmacy tech, Nicole Yvonne Flores and CVS no longere employs Ms. Flores.

More Information: http://www.sandiegouniontribune.com/news/2015/jul/17/pharmacy-patient-data/

Information Source:
Media
Date Made Public:
November 28, 2013
Company: CVS Pharmacy, Inc., Maryland CVS Pharmacy, LLC
Location: Gaithersburg, Maryland
Type of breach:
PHYS
Type of organization:
MED
Records Breached:
0

The Maryland Attorney General charged CVS Pharmacy, Inc. and Maryland CVS Pharmacy, LLC with failing to protect sensitive financial and medical information.  CVS disposed of patient records in publicly accessible places. CVS agreed to pay $250,000 in a settlement with the Maryland Attorney General.

Information Source:
PHIPrivacy.net
Date Made Public:
April 15, 2007
Company: CVS Pharmacy
Location: Liberty, Texas
Type of breach:
PHYS
Type of organization:
MED
Records Breached:
1,000

The Attorney General of Texas filed a complaint against CVS Pharmacy for illegally disposing of personal information including active debit and credit card numbers, complete with expiration dates and medical prescription forms with customer's name, address, date of birth, issuing physician and the types of medication prescribed. The information was found in a dumpster behind a store that apparently was being vacated. 

Information Source:
Dataloss DB
CSV