
A popular US-based cannabis company has suffered a third-party data breach that exposed its customers' ID information and transaction history.
The popular cannabis brand, Stiiizy, said that a point-of-sale vendor had notified them of a breach relating to some of the cannabis suppliers' retail locations.
The categories of information impacted include:
- Names
- Addresses
- Dates of birth
- Drivers license numbers
- Passport numbers
- Photographs
- Signatures (appearing on government ID)
- Medical cannabis cards
- Transaction histories
Personal information such as names, addresses, dates of birth, and ID card numbers can make it easy for threat actors to commit identity theft or fraud.
If information like government IDs and signatures are leaked, bad actors could easily impersonate their victims and use this information to commit financial fraud.
Threat actors could also use stolen transaction histories, names, addresses, and other information to create personalized and targeted scams against Stiiizy customers.
Given the stigma surrounding marijuana, bad actors could potentially use this stolen information to blackmail and extort their victims.
Multiple California-based locations were impacted, including dispensaries in San Francisco, Alameda, and Modesto.
It was discovered that the vendor, who was not named in the breach notification, was compromised by “an organized cybercrime group.”
According to our Cybernews ‘Ransomlooker’ tool, Stiizy was compromised by the ransomware Everest in November and December of 2024.
TechCrunch confirmed that Everest had posted customer data on its leak site after the cannabis dispensary disregarded its ransom demands.
According to cybersecurity firm Halcyon AI, the ransomware gang claimed responsibility for the attack and claimed to have the personal information of more than 420,000 Stiiizy customers.
Who is the Everest ransomware gang?
The Everest ransomware gang is thought to be connected to Black-Byte ransomware operations, which functions as ransomware-as-a-service and is said to have ties with Russia.
Everest took responsibility for the AT&T hack, offering up alleged access to the entire AT&T corporate network.
Everest also made waves in September 2022, breaching the Brazilian government and stealing 3TB of sensitive data from its network servers.
According to the Cybernews ‘Ransomlooker’ tool, Everest is currently active and supposedly claimed 18 victims in November 2024 and 12 in December of the same year.
Your email address will not be published. Required fields are markedmarked