4,500 customers data was leaked to the net
File under whoa, dude. The Ontario Cannabis Store (OCS) has become the first pot vendor to get the breach disclosure munchies since Canada legalized the sale of weed. Bad puns to one side, this is serious stuff. The OCS has contacted some 4,500 customers after a supply chain data breach resulted in buyer addresses being offered for sale on the dark web. The breach itself happened on November 1st when the delivery tracking resource of Canada Post, used by the store to ship cannabis orders, was apparently compromised. In a statement, a spokesperson for the OCS says that it has “worked closely with Canada Post to identify the cause of this issue and to prevent any further unauthorized access to customer delivery information.”
Information that has been offered for sale on dark markets include the usual delivery tracking details of postal codes, purchase reference numbers, Canada Post tracking numbers, date of delivery and the names of whoever signed for the package. The latter is important, as it’s not necessarily going to be the same as the name of the customer and could just be limited to initials. Customer names were not, as far as I’m aware at this stage, part of the dataset that was compromised. Nor, seeing as this was just delivery tracking data we are talking about, was any payment information accessed.
To Read The Rest Of This Article On Forbes, Click Here