The online photo centers of national pharmacy chains CVS and Rite Aid and the photo service of Costco have apparently been struck by hackers who gained access to the payment card details of many CVS, Rite Aid and Costco customers.
CVS, Rite Aid and Costco all use an independent company named PNI Digital Media to provide their photo services. PNI builds an online photo upload site under the retailers’ brand, then allows the retailers’ customers to pick up their printed photos at local retail stores or to be shipped to customers’ home addresses.
View the current customer warnings on this matter from each of the retailers here:
This breach was first reported by Brian Krebs, who has a stellar record in breaking the stories of most major card breaches at retailers in the past two years.
The time window for these reported breaches has not yet been determined, nor has the number of affected customers.