Rite Aid Corporation

Under Review: 
No Review
Date Breach Made Public: 
September 27, 2012
Camp Hill , PA
United States
Pennsylvania US
Records Breached: 


Breach Total Number: 
Year of Breach: 
Type of organization: 
Type of breach: 

A customer using RiteAid's mobile app to check a prescription noticed that he was able to access the names, addresses, and prescription records of other customers.  The customer was able to identify some of the problems by using his computer science background.  He noticed there was no secure login tied to web service calls made from the smartphone application.  The customer was able to correspond with several RiteAid representatives and RiteAid began to address some of the security concerns.