Programming error results in CVS Caremark mailing blunder

Share this article:

About 350 CVS Caremark customers are being notified that a programming error resulted in mailers containing their personal information being sent to the wrong customers.

How many victims? About 350. 

What type of personal information? Names and full lists of medications.

What happened? A programming error resulted in mailers containing the personal information being sent to the wrong CVS Caremark customers.

What was the response? CVS Caremark fixed the error and is implementing policies, procedures and technology to ensure a similar incident does not occur in the future. All impacted individuals are being notified.

Details: CVS Caremark sent the mailers on July 15, which offered customers a change to a 90-day prescription supply. A customer in Georgia was impacted, but it is unclear if the incident is limited to only that state. A CVS spokesperson did not immediately respond to a SCMagazine.com request for comment.

Source: wsbtv.com, “Customers concerned after CVS prescription info mix-up,” July 29, 2014.

UPDATE: A CVS Caremark spokesperson told SCMagazine.com on Wednesday that impacted customers were from “various geographic locations.”

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US

More in The Data Breach Blog

About 60K transactions possibly affected in Cape May-Lewes Ferry breach

The security of card processing systems relating to food, beverage and retail sales at the Cape May-Lewes Ferry was compromised and payment card data may be at risk.

Arkansas State University-Beebe is investigating a potential breach

Arkansas State University-Beebe is notifying students and employees of a service running on one of its servers that could pose a potential breach to the system.

Unencrypted discs missing, Arizona State Retirement System notifies 44,000

Arizona State Retirement System notifies nearly 44,000 individuals enrolled in dental plans that two unencrypted discs containing their personal information are missing.