Article Image
IPFS News Link • Hacking, Cyber Security

Walgreens' COVID-19 test registration system could have exposed millions of patients' data..


Walgreens Boots Alliance's COVID-19 test registration system exposed the personal data of potentially millions of people. 

First reported by Recode, this includes the names, dates of birth, gender identities, phone numbers, addresses and emails of anyone who was tested at the drugstore chain for the virus since last year.

The data was allegedly open web for potentially anyone to see and for the multiple ad trackers on Walgreens' site to collect, according to the report. 

What's more, the results of the COVID-19 tests could also be taken from the exposed data, in some cases.= 

Alejandro Ruiz, a consultant for IT company Interstitial Technology PBC, told Recode he discovered the exposure in March 2021 after one of his relative was tested for COVID-19 at a Walgreens.

He said he reached out to the drugstore via email, phone and a web form regarding technical or security questions but he never hear back.

'Any company that made such basic errors in an app that handles health care data is one that does not take security seriously,' Ruiz told Recode.