The news of the CVS breach broke about a week after Wal-Mart Stores Inc. announced that it’s investigating a possible theft of credit card data from its Canadian photo website, which also is served by PNI.

“As a precaution, as our investigation is underway, we are temporarily shutting down access to online and related mobile photo services”, the message stated. “We apologize for the inconvenience”, said CVS Public Relations Director Mike DeAngelis, via email.

Calls to PNI Digital Media were not immediately returned. Staples could not be reached Friday. Walmart Canada has disabled the photo site.

CVS isn’t the first company having such a problem with third party online transaction breaches.

“We have been made aware that customer credit card information collected by the independent vendor who manages and hosts CVSPhoto.com may have been compromised”. Target announced Monday, June 15, 2015, that it is selling its pharmacy and clinic businesses to drugstore chain CVS Health for about $1.9 billion in a deal that combines the resources of two retailers seeking to polish their reputations as health care providers. CVSPhoto is separate from other CVS websites, and the company says no other sectors of its business was impacted by the apparent breach. “We are working closely with the vendor and our financial partners and will share updates as we know more”, the note on the site read.