Both Costco and Walmart Canada have taken their online photo centers offline this week to investigate a possible security breach. Currently Walmart Canada’s photo printing website displays the following error page:

The page states, in part, that “We were recently informed of a potential compromise of customer credit card data involving Walmart Canada’s Photocentre website, www.walmartphotocentre.ca. Our customers’ privacy is of the utmost importance. We immediately launched an investigation and will be contacting customers who may be impacted.” Costco’s Photo Center website displayed a similar error page. 

Additional stores that have suspended their online photo centers include Tesco, CVS, Sam’s Club, and Rite Aid. All of the aforementioned stores use third party vendor PNI Digital Media to manage their online photo centers. Rite Aid named the company in its message to customers: “We recently were advised by PNI Digital Media…that it is investigating a possible compromise of certain online and mobile photo account customer data. The data that may have been affected is name, address, phone number, email address, photo account password and credit card information.”

The Vancouver based PNI Digital Media was purchased by Staples last year. In a statement to the CBC, Kirk Saville, Vice President of Global Communications for Staples, said, "We take the protection of information very seriously. PNI is investigating a potential credit card data issue, and outside security experts are assisting in the investigation.” 

According to PNI’s website, “Last year the PNI Digital Media platform worked with over 19,000 retail locations and 8,000 kiosks to generate more than 18M transactions for personalized products.” According to Brian Krebs, the above text was removed from PNI’s website as the story gained traction and PNI’s Wikipedia page was edited to remove client information. 

Concerned about your online privacy? Get the best free web protection with Web Companion.