Amidst all the current paranoia about hackers infiltrating the highest levels of American politics comes the disturbing news that software used by cannabis businesses in over 20 states was attacked and compromised.
The story was reported both by the cannabis industry trade website Marijuana Business Daily and tech sites that monitor such attacks, including Hackbusters and DataBreaches. The software, known as MJ Freeway, is used for “seed-to-sale” tracking of cannabis in states that have legalized or passed medical marijuana laws. The Denver-based company said its main servers and backup system both went down the morning of Jan. 8 and remained offline as of the next afternoon.
The outage sent 1,000 retailers nationwide “scrambling to handle everything from sales and inventory management to regulatory compliance issues,” Marijuana Business Daily reported. Some dispensaries had to close their doors entirely.
The company’s director of data and marketing, Jeannette Ward, said: “Our initial analysis indicates that this was a direct attack on MJ Freeway’s infrastructure.”
Tucson dispensary Botanica tweeted: “Our inventory system (@mjfreeway) is down & we are unable to process any transactions. We’ll post more updates as they become available!”
The Boston Globe reported that New England Treatment Access, with locations in Brookline and Northampton, was among the outlets affected by the hack. A message on its website said transactions would take longer than usual at both locations because staffers would need to “conduct certain sales functions manually.”
Comfortingly, Ward said encryption prevented the hackers from reading data about MJ Freeway’s retail clients. And the company emphasized that the attack affected only its currently operational system—not the new, overhauled platform it is just beginning to market. The new software is slated to be operational later this month at cannabis retailers that have signed up to use it.