"Data Breach Exposes Personal Information on Cannabis Users"
On December 24, 2019, security researchers with VPNMentor discovered an unsecured Amazon S3 bucket owned by THSuite, a point-of-sale system (PoS) system in the cannabis industry. The database lacked authentication and security, thus leading to the exposure of sensitive data belonging to multiple marijuana dispensaries in the US and more than 30,000 customers. US laws require cannabis dispensaries to collect large amounts of sensitive information about their clients to comply with US laws. Therefore, the database contained scanned government IDs, employee IDs, and other personally identifiable information. Cybercriminals can use this data to perform malicious activities such as identity theft, phishing, and more. This article continues to discuss the data breach regarding its discovery, scope, and impact.
TechNadu reports "Data Breach Exposes Personal Information on Cannabis Users"