CVS has shut down its online photo service, warning its customers that there may have been a data theft and to call their banks if they get suspicious credit card charges.
The drugstore alerted people with a warning on its CVSPhoto.com website:
We have been made aware that customer credit card information collected by the independent vendor who manages and hosts CVSPhoto.com may have been compromised. As a precaution, as our investigation is underway we are temporarily shutting down access to online and related mobile photo services. We apologize for the inconvenience.
Customers who provided credit card information for transactions on CVSPhoto.com are advised to check their credit card statements for any fraudulent or suspicious activity and to call their bank or financial institution to report anything of concern.
Customer registrations related to online photo processing and CVSPhoto.com are completely separate from CVS.com, optical.cvs.com, cvs.com/MinuteClinic on line bill pay and our pharmacies. Financial transactions on CVS.com, optical.cvs.com,cvs.com/MinuteClinic and in-store are not affected.
When we reached out to a CVS spokesperson, they provided the same statement.
CVS is joining Target and Home Depot in the pantheon of really popular American stores getting dicked over by digital thieves. The only silver lining here: it doesn’t look like the data breach involved taking actual photos, so that freaky boudoir shoot you were going to print out is probably safe.