Cannabis Users' Sensitive Data Exposed in Data Breach (Jan 22, 2020)

THSuite, a point-of-sale system used in the cannabis industry, has suffered a data leak that exposed the Personally Identifiable Information (PII) of over 30,000 individuals. The exposed details include, but are not limited to: cannabis purchased, DOB, dispensary sales, email addresses, full names, medical ID numbers, phone numbers and street addresses. Researchers from vpnMentor analyzed unsecured and unencrypted Amazon S3 buckets owned by THSuite, which resulted in the exposure of sensitive data from multiple marijuana dispensaries. The affected dispensaries are Amedicanna Dispensary, a medical dispensary based in the state of Maryland, and Bloom Medicinals, a medical dispensary with locations in Akron, Columbus, Maumee, Painesville and Seven Mile. The recreational dispensary Colorado Grow Company, based in Durango, Colorado, was also affected.

Recommendation: The exposure of PII from these dispensaries requires affected customers, patients and staff members to take precautionary measures to protect their identities and finances from fraud. Identity theft protection services can help prevent actors using stolen data from making illicit purchases or applying for financial services.

Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.