US Digital Pharmacy Ravkoo Linked Data Breach to AWS Portal Vulnerability

US Digital Pharmacy Ravkoo Linked Data Breach to AWS Portal Vulnerability

Ravkoo, a US-based online pharmacy, has announced a data breach following a security issue involving the company’s AWS-hosted cloud prescription gateway, which may have allowed personal and health information to be accessed.

“Ravkoo utilizes AWS cloud services for online hosting of its prescription portal. On September 27, 2021, Ravkoo detected that this portal was the target of a cybersecurity attack,” the drugstore stated in data breach notification letters issued to 105,000 impacted customers on January 3.

“An unauthorized third party attempted to infiltrate the portal. On October 27, 2021, Ravkoo’s responsive forensic investigation revealed that certain prescription and health information could have been compromised.”

According to the business, customers’ Social Security Numbers were not obtained during the incident, and it does not keep SSN data on the impacted prescription portal. Alpesh Patel, the online pharmacy’s CEO, said in a public announcement on Ravkoo’s website that the incident was reported to the FBI. The corporation is collaborating in the continuing investigation by the federal law enforcement agency.

Ravkoo hasn’t received any allegations of identity theft relating to this data breach since September 27, the event’s date, and has yet to identify any indication that any of the information exposed in the incident has been abused. Affected people will also receive a free year of Kroll Information Assurance’s online identity monitoring service to help them handle identity theft concerns related to the data incident.

The specifics of the event Ravkoo revealed with Attorney General’s offices from numerous states and affected consumers match a report from The Intercept shortly after the incident, which claimed that an unidentified hacker made Ravkoo “hilariously easy” to breach. According to the suspected hacker, he obtained access to Ravkoo’s servers by exploiting a secret admin panel that any user might have used to examine all data. 

As per Micah Lee of The Intercept, the hacker also supplied data of 340,000 prescriptions written by Ravkoo between November 3, 2020, and September 11, 2021, totaling $8.5 million in medicine prices. When contacted for further information on the data breach, a Ravkoo spokesperson did not respond to a request for comment.

About the author

CIM Team

CIM Team

CyberIntelMag is the trusted authority in cybersecurity, comprised of leading industry experts for over 20 years, dedicated to serving cybersecurity professionals. Our goal is to provide a one-stop shop for knowledge and insight needed to navigate throughout today’s emerging cybersecurity landscape through in-depth coverage of breaking news, tutorials, product reviews, videos and industry influencers.