Security News > 2020 > January > Privacy Firm Finds Unsecured Cannabis Patient Information
An internet privacy firm says it was able to access private personal information of more than 30,000 medical marijuana patients, recreational pot customers or dispensary employees in several states.
The privacy firm was searching for unsecured data online and says the database has now been secured.
The privacy firm, vpnMentor, said in a report posted on its website that Seattle-based software firm THSuite had failed to encrypt or secure the data, which was stored in the cloud via Amazon Web Services.
Among the dispensaries with unsecured customer and employee information were Amedicanna, a marijuana dispensary in Maryland, and Bloom Medicinals, with several locations in Ohio, the privacy firm said.
The privacy firm said the breach could raise issues regarding patient privacy under federal law.