Security News > 2020 > January > POS Vendor for Cannabis Dispensaries Exposed Data: Report
A point-of-sale system vendor that serves U.S. medical and recreational cannabis dispensaries left an unprotected database containing sensitive information about three clients and 30,000 of their customers exposed to the internet, researchers say.
"Our team identified an unsecured Amazon S3 bucket owned by THSuite that exposed sensitive data from multiple marijuana dispensaries around the U.S. and their customers," the research report states.
The leaked data included more than 85,000 files, including scanned government and employee IDs, exposing personally identifiable information for over 30,000 individuals, the report says.
According to vpnMentor, the unprotected THSuite database exposed a range of data about the three dispensaries' customers.
The researchers said in December that they uncovered an unsecured database belonging to TrueDialog, an Austin, Texas-based business SMS texting solutions provider, which exposed data on millions, including text messages, names, addresses and other information.
News URL
https://www.inforisktoday.com/pos-vendor-for-cannabis-dispensaries-exposed-data-report-a-13643