Washington State Cannabis Tracking System Hacked -- Security Today

Washington State Cannabis Tracking System Hacked

Washington state’s new cannabis-tracking system was hacked the weekend of Feb. 3, according to the Washington State Liquor and Cannabis Board (WSLCB). Among other information, the hacker stole route information associated with four days of marijuana deliveries.

By Jessica Davis
Feb 12, 2018

Washington state requires the tracking of marijuana products from when it’s planted to when it’s sold to a pot user, allowing regulators to watch for suspicious movement of plants or products. The state’s traceability system, Leaf Data, was breached on Feb. 3.

“A computer vulnerability was exploited on Saturday, allowing unauthorized access to the traceability system,” according to WSLCB Deputy Director Peter Antolin. “There are indications an intruder downloaded a copy of the traceability database and took action that caused issues with inventory transfers for some users. We believe this was the root cause of the transfer/manifest issue experienced between Saturday and Monday.”

According to Antolin, the information downloaded did not contain personally identifiable information and, except for the manifest data, most data captured by the intruder was already public.

Manifest data includes detailed information on where cannabis products in the legal market are, where they’re from, and where they’re going, as well as transporter vehicle descriptions and license plate numbers. That data could potentially be used to intercept shipments or even rob drivers of cash and cannabis products.

Leaf Data developers MJ Freeway discovered problems associated with the hack on Feb. 3 and notified WSLCB on Monday. On Thursday, all marijuana licensees were notified and the WSLCB contacted the Washington State Office of CyberSecurity, which is investigating the hack.

According to WSLCB, it and MJ Freeway “continue to implement several strategies to prevent future vulnerabilities,” but because the investigation is ongoing, “details on security are not publicly available.”

About the Author

Jessica Davis is the Associate Content Editor for 1105 Media.

Digital Edition

March 2020

Featuring:

• Transforming the Industry
• The Open Platform
• Creating a Standardized Platform
• Common Mistakes
•The Next Victims
View This Issue

Washington State Cannabis Tracking System Hacked

Video Conferencing Software Zoom Faces Scrutiny Over Hacks, Abusive Behavior During Meetings

Research: Americans Should Watch Out For Hacking Campaigns Related to Stimulus Bill, Economic Recovery

Genetec Announces Immediate Availability of AutoVu™ SharpZ3 Next-Generation Mobile License Plate Recognition System

Department of Homeland Security Plans to Use Facial Recognition to Track Transnational Gang Activity

World Health Organization Facing Cyber Attacks During Coronavirus Response

Video Conferencing Software Zoom Faces Scrutiny Over Hacks, Abusive Behavior During Meetings

DHS Delays Real ID Deadline Until 2021 Due to Coronavirus Crisis

Digital Edition

March 2020

Whitepapers

Perimeter and Intruder Security for Educational Establishments

The AI (R)Evolution of Enterprise Security

Webinars

Trends in Physical Security Monitoring & Best of Breed Video Surveillance Solutions - How Do Your Current Solutions Stack Up?

What's in the Background? Establishing a Viable Campus CCTV Policy

Education in a Time of COVID-19: Student Privacy Law and Coronavirus