Cyber Attack On Medical Marijuana Database

Social Security Numbers and Identifying Information Exposed

Cyber Attack On Medical Marijuana Database – RENO — Thousands of medical marijuana agent applications for people looking to run a dispensary were exposed online, according to a statement from the Nevada Division of Public Behavioral Health.

In a statement sent Wednesday evening, the state said it was investigating a “cyber-attack” on its Medical Marijuana Program database that affected medical marijuana agent cards, disclosing the Social Security numbers and other identifiable information for employees and owners of medical marijuana establishments. The state said no private medical marijuana patient information was disclosed.

“The entire portal has been taken down,” said Cody Phinney, division administrator, in a prepared statement. “To prevent further breaches, the Division’s IT staff are working with state IT staff, investigating the breach.  We appreciate everyone’s patience during this difficult time.  As more information is known, the public will be notified.”

It is unclear how long the information was available, whether anyone besides Shafer had access to it and how far back the information goes. The Reno Gazette-Journal has reached out to Shafer for comment.

In addition to contacting the individuals involved, the Division is notifying three major credit reporting agencies of this database breach: Equifax (800) 525-6285; Experian(888) 397-3742; and TransUnion (800) 680-7289. Agent cardholders are encouraged to report to these agencies that their individual information was compromised in this breach.

The incident has been referred to law enforcement agencies for further investigation.

From: USA TODAY