MJ Freeway discloses another cyberattack on the firm, affecting cannabis businesses

MJ Freeway, one of the first companies to create “seed-to-sale” tracking and business software for the legal cannabis industry, has just disclosed it was the target of another cyberattack; one that took place about a year ago.

The Denver-based company, which also provides tracking software for a number of state regulatory systems in addition to approximately 1,000 cannabis retailers across the U.S., has been dealing with a string of hacks, system outages and other disruptions over the past several months.

According to a statement to its clients, published Tuesday on the firm’s website, MJ Freeway determined that “certain client information” had been stolen on or around Nov. 19, 2016, affecting businesses in multiple states. The data included customers’ date-of-birth and contact information, but no Social Security identification or credit or debit card numbers, according to the company.

The firm said it immediately launched an investigation and has been working with “third-party forensic investigators.”

This is at least the second time MJ Freeway has been the victim of a cyber hack. In January, the company reported an outage of its inventory system and an inability to process transactions, due to an attack on both its main and backup databases.

“Customer trust and safety are our first priority and since the January event we have worked with the Colorado Bureau of Investigation and our independent security firm to recover client data, strengthen our systems, and identify the criminals behind the attack,” Jeannette Ward, MJ Freeway’s vice president of global marketing and communications, said in an email statement to The Cannabist.

In terms of the November 2016 incident, Ward said the company is “pleased to have recovered this file and intend to use it to restore a subset of client data previously believed lost. We stand ready to assist our customers and answer their questions about this development in our investigation.”

Attorney Mark Mermelstein, who is counsel for MJ Freeway and a specialist in cybersecurity legal issues, told The Cannabist the hacks appear to be a “sophisticated sequence of malicious attacks directed against the company.”

The CBI did not immediately respond to a request for comment.

This is a developing story. Check back for updates.

Leave a Reply

Your email address will not be published. Required fields are marked *