Rite Aid Corporation


Under Review: 
No Review
Date Breach Made Public: 
September 27, 2012
geo: 
Camp Hill , PA
United States
Records Breached: 

Unknown

Breach Total Number: 
0
Source: 
PHIPrivacy.net
Year of Breach: 
Type of organization: 
Type of breach: 

A customer using RiteAid's mobile app to check a prescription noticed that he was able to access the names, addresses, and prescription records of other customers.  The customer was able to identify some of the problems by using his computer science background.  He noticed there was no secure login tied to web service calls made from the smartphone application.  The customer was able to correspond with several RiteAid representatives and RiteAid began to address some of the security concerns.