Amazon PillPack Data Breach

Author: Steve Manning

19,000 Amazon PillPack Customer Accounts Compromised

The Amazon-owned online pharmacy, PillPack, has recently started notifying 19,032 customers that some of their protected health information was compromised in a cyberattack in April. Unauthorized customer account activity was detected by PillPack on April 3, 2023, and the investigation revealed customer accounts had been accessed by an unauthorized third party between April 2 and April 6, 2023. The compromised accounts contained names, addresses, phone numbers, and email addresses. Approximately 3,600 of the accounts also included prescription information.

The forensic investigation confirmed that the usernames and passwords used to access the accounts were not stolen from PillPack and had most likely been obtained in a breach at another platform where the same usernames and passwords were used. Attacks of this kind, known as credential stuffing, can only occur when usernames and passwords have been used on multiple platforms. PillPack has not identified any misuse of customer data, and the types of information in the accounts are not sufficient to be used for identity theft. However, victims of the breach could be subject to phishing attempts to obtain further information. PillPack confirmed that the breach was limited to PillPack and notification letters have been mailed to affected individuals.