CVS Knows You Like K-Y Jelly. Now The World May Find Out.

It was only a matter of time. USA Today reports on the latest security breach involving “loyalty cards”, this time at CVS.

The data security flaw in the ExtraCare card service was exposed Monday by the grassroots group Consumers Against Supermarket Privacy Invasion and Numbering, or CASPIAN.
It said anyone could learn what a customer had purchased with an ExtraCare card by logging on to a company Web site with the card number, the customer’s zip code and first three letters of the customer’s last name.
Once logged on, a list of recent purchases could be sent to an e-mail account.

“Loyalty Cards” are the biggest con game in retail marketing. And if you egg ’em on by actually giving your real name and address to these people, you get what you deserve. One day, your insurance company will get a hold of that information, and if you keep buying your condoms, beer, cigarettes, K-Y Jelly and home pregnancy tests at CVS, they’ll know–and they’ll jack up your insurance rates.

About Dan Goldgeier

Blogging on AdPulp since 2005, Dan Goldgeier is a Seattle-based freelance copywriter with experience at advertising agencies across the U.S. He is a graduate of the Creative Circus ad school, and currently teaches at Seattle's School of Visual Concepts. In addition, he is a regular columnist for Dan published the best of his columns in a book entitled View From The Cheap Seats: A Broader Look at Advertising, Marketing, Branding, Global Politics, Office Politics, Sexual Politics, and Getting Drunk During a Job Interview. Look for it on Amazon in paperback and e-book editions.


  1. Couldn’t agree more. There’s almost no incentive to provide a real name and address, and anyone who does is a fool.