I got notice from Walgreens about some “unauthorized access” to their customer email list recently.

The email said…

“We recently became aware of unauthorized access to an email list of customers who receive special offers and newsletters from us. As a result, it is possible you may have received some spam email messages asking you to go to another site and enter personal data. We are sorry this has taken place and for any inconvenience to you.

We want to assure you that the only information that was obtained was your email address. Your prescription information, account and any other personally identifiable information were not at risk because such data is not contained in the email system, and no access was gained to Walgreens consumer data systems.”

It’s great that Walgreen’s straight up told everyone what happened, and it’s also great their sysadmins know to keep their critical data systems separate.

If you haven’t already, I highly recommend creating a throwaway email account on Google or Hotmail that’s just for stores, giveaways, and signups. My junk@[you.can.probably.guess.what.domain].com email address is full of trash, but I know everything in there is always unimportant.

Here’s a copy of the Walgreen’s email…