Aurora Cannabis, a popular medical cannabis producer in Canada, suffered a data breach that exposed its customers’ and employees’ personal information totaling 50GB of data. The stolen data includes medical diagnoses, credit card information, government IDs, residential addresses, banking details, images of passports, cheques, driver licenses, and business documents.
Aurora Cannabis operates a range of cannabis-related medical and consumer brands like Whistler Medical Marijuana Corp., MedRelease, CanniMed, San Rafael, Daily Special, and Woodstock.
According to a report from Marijuana Business Daily, both former and current employees have received data breach notifications from Aurora Cannabis after the enterprise discovered the cyberattack on December 25, 2020.
Stolen Data Traded for One Bitcoin
Marijuana Business Daily claimed that the threat actors responsible for the Aurora Cannabis data breach are selling the stolen data on darknet forums for one bitcoin. They also advertised their posts to promote sales by leaking images of the stolen information.
Aurora’s spokeswoman Michelle Lefler clarified that Aurora’s patient systems and operations were unaffected in the incident. She also confirmed that the company “was subject to a cybersecurity incident on Christmas day that affected both current and former employees. The company immediately took steps to mitigate the incident, is actively consulting with security experts and cooperating with authorities.”
“I can confirm we are following all security protocols, are working with privacy councils and law enforcement and have communicated directly with any impacted current or former employee,” Lefler added.
Canada’s Cannabis Connection
Multiple security incidents have been reported earlier on Canadian medical cannabis providers. Natural Health Services, the operator of Canada’s largest referral network of medical cannabis patients, suffered a data breach that exposed customers’ personal information like medical diagnoses, referrals, encounter notes, and allergies. The Calgary-based health center stated that unknown intruders allegedly accessed personal health records between December 4, 2018, and January 7, 2019.