CVS, Rite Aid And Other Retailers Investigate Breaches Within Online Photo Business

CVS is one of several retailers that has temporarily shut down its online photo service due to a potential data breach linked to a third-party vendor, Canada-based PNI Digital Media.

The pharmacy retailer shared in a statement on the homepage that PHI, which manages and hosts the site, may have been compromised. An investigation is underway and, as a precaution, CVS is preventing access to all online and mobile photo services until further notice.  

“Nothing is more central to us than protecting the privacy and security of our customer information, including financial information,” the statement noted. “We are working closely with the vendor and our financial partners and will share updates as we know more.”


In the mean time, customers who shared credit card information through the platform are encouraged to track all statements and contact their bank or financial institution should any suspicious activities arise.

CVS is the second of several retailers looking into breaches of their online photo services, according to a report from KrebsOnSecurity. Last week, Walmart Canada revealed that it was investigating a similar breach of its photo web site, which also is powered by PNI Digital Media. CVS, Costco, Rite Aid and Tesco also were listed as clients.

Shortly after CVS shut down, Costco, Rite Aid and Tesco all suspended access to their online photo properties. Retail TouchPoints will provide updates to this story as soon as more details are provided.

Featured Event

Join the retail community as we come together for three days of strategic sessions, meaningful off-site networking events and interactive learning experiences.



Access The Media Kit


Access Our Editorial Calendar

If you are downloading this on behalf of a client, please provide the company name and website information below: