Did this cannabis site expose the records of more than a million users?

Growth op

The passwords and private information of 1.4 million users in an online cannabis growing and journaling platform may have been exposed. So alleges Volodymyr “Bob” Diachenko, an independent cybersecurity consultant, who posted a blog about his findings on LinkedIn . Cannabis websites are prime targets for cyberattacks. Here’s how to protect yourself Cyber security is only as strong as its weakest link: What are the biggest security threats in the cannabis industry? Electronic data breach sees medical cannabis users’ personal information compromised Diachenko says that GrowDiaries, an online community of cannabis growers, exposed more than 3.4 million user records on the web without a password. Diachenko alleges that he discovered the unprotected database last month and it was secured five days after he alerted the company. “It consisted of about 1.4 million records with email addresses and IP addresses, plus 2 million records containing user posts and hashed account passwords. The passwords were hashed using MD5, a deprecated algorithm that an attacker could easily crack to access passwords in plain-text,” he writes, adding that many of the users are based in countries where cannabis cultivation remains illegal. In response to Diachenko, GrowDiaries clarified they are not based in the U.S., that…

Excerpt only …
Source : Did this cannabis site expose the records of more than a million users?

reposted by Cannabis News World

This site uses Akismet to reduce spam. Learn how your comment data is processed.