1 min read

Personal Information of Aurora Cannabis Employees Up for Sale on Hacking Forum

Alina BÎZGĂ

January 08, 2021

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Personal Information of Aurora Cannabis Employees Up for Sale on Hacking Forum

A threat actor who breached the network of Canada-based Aurora Cannabis over Christmas is looking to cash in after posting a database of stolen information online.

The attacker claims to have stolen 50GB of personal identifiable information (PHI) of Aurora Cannabis customers and employees, including photos of passports, checks, driver licenses and business documents.

In an email sent to Canadian press outlets, Aurora Cannabis  said it took immediate action to mitigate the attack, and consulted with third-party security experts to assess the damages.

“The company took immediate steps to alleviate the incident, consulted security experts actively and cooperated with the authorities,” spokeswoman Michelle Lefler said.

The cannabis cultivator did not say what kind of information was accessed how many employees were affected. However, Lefler emphasized that the systems housing patient information and business operations were not impacted in the breach.

“Not affected are the patient systems of Aurora and the network of operations of the company,” Lefler added. “I can confirm that we have been following all security protocols, working with privacy and law enforcement councils and have contacted any affected current or former employees directly.”

Contrary to Aurora”s remarks, the cybercriminals claims he contacted the company demanding a ransom for not releasing the information. In an interview with BleepingComputer, the hacker stated that he still has access to the network, reporting, “I sent mail but i think all employs ignored me.”

According to comments by a former Aurora employee, the victim received a data breach notification email from the company, explaining that “unauthorized parties accessed data in (Microsoft cloud software) SharePoint and OneDrive” on December 25.

The ex-employee also said he managed to get in touch with around eight Aurora workers to check if they received the same notification. However, they all reported different types of compromised information, such as credit card or government identification or home addresses and banking details.

1 in 4 people is likely to fall victim to a data breach. Have you ever been exposed? Find out now with Bitdefender”s Digital Identity Protection.

tags


Author



Right now

Top posts

The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

October 22, 2021

2 min read
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

October 20, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

French Transport Giant Data Breach Exposed Over 50,000 of Employee Records French Transport Giant Data Breach Exposed Over 50,000 of Employee Records
Alina BÎZGĂ

December 07, 2021

2 min read
WhatsApp Pumps Up User Privacy with Updated Default Disappearing Message Feature WhatsApp Pumps Up User Privacy with Updated Default Disappearing Message Feature
Alina BÎZGĂ

December 07, 2021

1 min read
Gravatar Data Leak Exposed 167 Million Profiles. What Does it Mean for You? Gravatar Data Leak Exposed 167 Million Profiles. What Does it Mean for You?
Radu CRAHMALIUC

December 07, 2021

2 min read