Pet wellness brand Petco has temporarily taken parts of its Vetco Clinics website offline after a security failure left large amounts of customer information publicly accessible.
TechCrunch notified the company about the exposed Vetco customer and pet data, after which Petco acknowledged the issue in a statement, saying it is investigating the incident at its veterinary services arm. The company declined to share further details.
The lapse meant that anyone online could directly download customer files from the Vetco site without needing an account or login credentials. At least one customer file was publicly visible and had even been indexed by Google, making it searchable.
According to data reviewed by TechCrunch, the exposed records included visit notes, medical histories, prescriptions, vaccination details, and other documents linked to Vetco customers and their pets.
These files contained personal information such as customer names, home addresses, phone numbers and email addresses, along with clinic locations, medical evaluations, diagnoses, test results, treatment details, itemized costs, veterinarian names, signed consent forms, and service dates.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: