Cybersecurity attack against Amazon-owned online pharmacy PillPack exposed user health data

By Annie Burky | May 19, 2023 04:50pm
PillPack’s internal investigation confirmed the breach took place between April 2 and April 6, although suspicious login attempts were detected on April 3. (Shutterstock)
Amazon-owned PillPack reported a cybersecurity attack affecting the accounts of nearly 20,000 customers.

An unauthorized person used customer emails and passwords to log into PillPack customer accounts, over 3,000 of which contained prescription information. Social Security numbers and payment information were not involved in the attack, according to the online pharmacy.

PillPack’s internal investigation confirmed that the emails and passwords in question were not taken from its website. While PillPack is a subsidiary of Amazon, the company stated that only PillPack’s website was impacted.

“The limited information that was revealed is not enough to steal someone’s identity,” a company spokesperson told Fierce Healthcare. “This event was limited to PillPack, and we both notified the impacted customers directly and posted the notification to our website. We encouraged customers to contact PillPack via phone or email with any questions.”

The spokesperson said the company believed the customer login credentials were taken from other websites. Customer passwords were reset and multifactor authentication was enabled after suspicious activity was confirmed, the company said.

No unusual activity within the accounts in question was detected, and PillPack stated that there is no current evidence of the information being used in any way. “The limited information that was revealed is not enough to steal someone’s identity,” the spokesperson said.

The New Hampshire-based organization’s internal investigation found that the breach took place between April 2 and April 6, although suspicious login attempts were detected on April 3.

For the users whose prescription information was accessed, the accessed data included information related to their PillPack prescriptions along with the contact information for their prescribing provider.