![]() "Medical patients have a legal right to keep their medical information private." THSuite has been contacted for comment. "This raises serious privacy concerns," the vpnMentor blog said. It remains unclear if the data was accessed by anyone else during the time it was online. Users should reach out to their dispensaries and find out from them if they are customers of THSuite," a spokesperson for vpnMentor told Newsweek. " never replied to us following the disclosure, the bucket was secured following our reach-out to Amazon. Researchers said the exposed information could have privacy implications for users, and said any concerned patients should speak directly with the marijuana providers. A budtender displays cannabis at the Higher Path medical marijuana dispensary in the San Fernando Valley area of Los Angeles, California, December 27, 2017. As a consequence, the platform has access to a lot of private data related to dispensaries and their customers."Īmedicanna Dispensary and Bloom Medicinals provide patients with medical marijuana, while the Colorado Grow Company is focused on the sale of the drug for legal recreational use.Įxamples of leaked personal information from THSuite clients included full names, phone numbers, dates of births, medical ID numbers, signatures, gram limits and sales figures.Ī budtender displays cannabis at the Higher Path medical marijuana dispensary in the San Fernando Valley area of Los Angeles, California, December 27, 2017. ![]() is designed to simplify this process for dispensary operators by integrating with each state's API traceability system. "Cannabis dispensaries have to collect large quantities of sensitive information in order to comply with state laws. Using a browser, the team could access all files hosted on the database," vpnMentor said. "We were able to access bucket because it was completely unsecured and unencrypted. In total, it had allegedly included more than 85,000 files. The leaky cloud database was first discovered on December 24 last year, and finally closed on January 14 after being disclosed to the software company. Researchers claimed that "it's possible" all THSuite of clients had been involved in the breach. The breach was traced back to point-of-sale software company THSuite, researchers Noam Rotem and Ran Locar said in a blog post this week.Īt least three dispensaries across the U.S., seemingly customers of THSuite, were impacted by the Amazon S3 bucket leak, named as Amedicanna Dispensary, Bloom Medicinals and Colorado Grow Company. ![]() Read more Ring Camera Hack: How to Know If Your Home Camera Is Compromised
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |