Cannabis dispensaries have to collectlarge quantities of sensitive information to make it comply with state laws.
But rare are these times.
Some affected parties deny the facts, disregarding our research or playing down its impact.
So, we need to be thorough and verify everything we find is correct and true.
The leaked bucket contained so much data thatit wasn’t possible for us to examine all the records individually.
Examples of these entries can be found below.
However,this breach affected many more dispensaries.It’s possible that all THSuite clients and their customers were involved.
We also found photographs ofgovernment-issued photo IDsand corresponding signatures of dispensary visitors and patients alike.
The sales were further broken down by payment method and product key in.
The leak exposedfull names of dispensary employees and the number of hours they workedduring each two-week pay period.
Data Breach Impact
This data breach has serious consequences for the dispensaries and their customers.
This raises someserious privacy concerns.
Medical patients have a legal right to keep their medical information private for good reason.
Patients whose personal information was leaked may face negative consequences both personally and professionally.
Even in states where cannabis use is permitted under state law,it’s still prohibited under federal law.
However, most legal experts agree thatdispensaries must follow HIPAA regulations just like any other health care provider.
Many workplaces have specific policies prohibiting cannabis use.
Even without the legal risks, there’s still astigma surrounding marijuana use.
Individuals may suffer backlash if their families, friends, and colleagues find out that they use cannabis.
Exposed telephone numbers and text notification opt-in statusprovide the perfect opportunity for phishing attacks.
Malicious actors can also use leaked emails and home addresses to target individuals.
Hackers can easily use exposed personal details togather more personal data through social media accountsand other online sources.
Detailed information about recent purchases exposed in the data breach could be used togain access to private financial accounts.
With enough information, a malicious party could evencommit identity theft, which can have very serious long-term consequences.
Impact on Dispensaries
The data breach also affects dispensaries that trusted THSuite with their private information.
These dispensaries may find themselves facingmajor consequences because of the possible HIPAA violation created by this breach.
These businesses can take advantage of this to improve their pricing strategy and product offerings.
They can also use leaked customer information to createtargeted ad campaigns.
Affected dispensaries could lose customersas a result of the data breach.
Our research team scans ports to find known IP blocks.
The team then searches for vulnerabilities in the system that would indicate an open database.
After finding a data breach, we do our best to link the database back to the owner.
As ethical hackers and researchers, we never sell, store, or expose the information we encounter.
Our goal is to improve the overall safety and security of the internet for everyone.
About Us and Previous Reports
vpnMentor is the world’s largest VPN review website.
We recently found alarge data breach that exposed the browsing history of mobile internet users in South Africa.
We also discoveredover 1TB of data leaked by Chinese online retailer LightInTheBox.
hey, comment on how to improve this article.
