Pharmacy giant Walgreens had to swallow some bitter medicine on Friday
when it told customers that a computer criminal had stolen its e-mail
marketing list. The criminal used the list to send out
realistic-looking spam that asked recipients to enter their personal
information into a Web page controlled by hackers.
"We are sorry this has taken place and for any inconvenience to you,"
the e-mail said.
No prescription information or other health information was stolen,
the company said — the criminal only managed to pilfer customer e-mail
addresses.
But even customers who had opted out of receiving marketing materials
via e-mail from Walgreens had their addresses stolen in the heist.
That means the firm stores customers' e-mail addresses even after they
ask not to participate in e-mail marketing.
"We realize you previously unsubscribed from promotional emails from
Walgreens, and that will continue," the e-mail to customers said.
Walgreens spokesman Michael Polzin said criminals so far have not
attempted to imitate Walgreens corporate logo in the phishing e-mail
they sent to consumers.
"The e-mails said they were from another company and asked (users) to
update some information," he said. Walgreens would never ask consumers
to e-mail personal information like credit card numbers or Social
Security numbers, he said.
The company "became aware" of the heist within the past week, he said.
He refused to disclose the number of customers impacted by it.
"We are in the process of contacting those customers," he said. "We
are not going to get into specifics."
Walgreens, which has $60 billion in annual sales, is expanding at an
astonishing pace. In November, it added 50 stores to its ranks of
8,000 retail outlets across the country.
No comments:
Post a Comment