U.S. Drug Mart, Inc.

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

U.S. Drug Mart, Inc., a full-service pharmacy based in Midlothian, Texas, experienced a data breach that was reported to the Texas Attorney General in November 2023. The breach affected 13,771 individuals and occurred between August 1 and August 5, 2023[3]. The compromised information may have included consumers’ full names, addresses, dates of birth, Social Security numbers, driver’s license numbers, and medical information[3]. The breach was the result of unauthorized access to the company’s data, but it is unclear whether this was due to a direct cyberattack on U.S. Drug Mart or through a third-party vendor[1][9].

U.S. Drug Mart filed a notice of the breach with the Texas Attorney General, noting 12,940 victims in Texas alone[1]. The company began sending out data breach notification letters to affected individuals, advising them of the information that was compromised and steps they could take to protect themselves[1]. The breach has led to an investigation by attorneys to determine whether a class action lawsuit can be filed, which could provide consumers with compensation for any harm resulting from the breach[3].

Founded in 1991, U.S. Drug Mart provides traditional prescription services, custom medication compounding, delivery services, fax/copy services, and diabetic testing supplies, in addition to selling over-the-counter medication and gift items[1]. The company employs more than 59 people and generates approximately $11 million in annual revenue[1].

Victims of the breach are advised to review the notification letters carefully, enroll in any free credit monitoring services provided by U.S. Drug Mart, change passwords for online accounts, regularly review account statements, monitor credit reports, and consider placing a fraud alert on their credit files[7].

Citations:

  1. https://www.jdsupra.com/legalnews/u-s-drug-mart-files-notice-of-data-3630484/
  2. https://www.dea.gov
  3. https://www.classaction.org/data-breach-lawsuits/u.s.-drug-mart-inc-november-2023
  4. https://www.humana.com
  5. https://www.myinjuryattorney.com/data-breach-investigation-u-s-drug-mart/
  6. https://www.cbsnews.com/?ftag=CNM-16-10abc6g
  7. https://www.turkestrauss.com/2023/12/05/u-s-drug-mart-data-breach-investigation/
  8. https://www.wsj.com/?%252525252525253butm_=undefined&webview=true
  9. https://beyondmachines.net/event_details/u-s-drug-mart-files-pharmacy-reports-data-breach-exposing-customer-ssns-e-q-0-o-3
  10. https://www.labcorp.com
  11. https://www.usdrugmart3.com
  12. https://www.washingtonpost.com
  13. https://blogs.duanemorris.com/classactiondefense/2024/01/08/fifth-circuit-refuses-to-revive-eeoc-covid-era-mask-bias-suit/
  14. https://www.hrw.org
  15. https://www.hipaajournal.com/november-2023-healthcare-data-breach-report/
  16. https://www.ftc.gov
Breach Submission Date Nov 21, 2023
Converted Entity Name U.S. Drug Mart, Inc.
Converted Entity Type Healthcare Provider
State TX
Individuals Affected 13,016
Breach Type Hacking/IT Incident

Breach Information Location Network Server, Other

Business Associate Present Yes