We place a high priority on protecting the privacy and security of our customers’ information. For example, we monitor the security of our websites, including CVS.com, and if we identify that usernames and passwords obtained from other sources are being used in an attempt to access customer accounts (a practice called “credential stuffing” that is impacting many e-commerce websites), we take steps to help protect customer information from unauthorized activity, including resetting account passwords.
We apologize for any inconvenience in the event you are prompted to change your password and are happy to assist you if you need help. Simply visit http://www.cvs.com/reset and enter the email address that is associated with your CVS.com account and we will send you a link to reset your password.
Customers can take steps to protect their online account information by not re-using the same password across multiple accounts. It is good practice for consumers to choose different account passwords for the various websites they visit. For more information on how to protect your personal information and online accounts, please visit https://www.consumer.ftc.gov/blog/2016/06/password-breaches-what-do.