Washington State Marijuana Tracking System Hacked to Steal Route Data

Problems for Washington Marijuana Industry Twofold After New Marijuana-Tracking Software Hack.

The pot industry in Washington has suffered massive setback after the state’s marijuana-tracking system dubbed as Leaf Data Systems got hacked on February 3rd and the hacker managed to steal route-related information of marijuana deliveries for the next four days apart from delivery vehicle information, approx. travel time, VIN numbers and license plate numbers, etc.

According to the spokesperson for the Liquor and Cannabis Board (LCB), Brian Smith, the intruder “did something in the system,” to compromise it and transfer the data. A statement from Washington State Liquor and Cannabis Board (WSLCB) Deputy Director Mr. Peter Antolin revealed that:

“A computer vulnerability was exploited on Saturday, allowing unauthorized access to the traceability system. There are indications an intruder downloaded a copy of the traceability database and took action that caused issues with inventory transfers for some users. We believe this was the root cause of the transfer/manifest issue experienced between Saturday and Monday.”

According to The News Tribune, on February 1st, the state employed a brand new marijuana-tracking system but it has been plagued with issues ever since its launch, which mostly was caused by technical glitches. On 4th February, MJ Freeway, the firm responsible for providing the data service and the tracking software, identified that the tracking system was hacked and on February 5th the company discovered that the issues were actually a security glitch.

Washington State Marijuana Tracking System Hacked to Steal Route Data

The LCB was notified immediately and a message was sent to all the marijuana dealers associated with the Board. Furthermore, the Washington State Office of Cybersecurity was also contacted to initiate an investigation to the hack. On February 5th, the security issue was resolved and it was decided that MJ Freeway will continue to be the official state’s vendor of the software.

However, due to the system’s unreliable nature, marijuana industry in the state has suffered greatly as pot growers and sellers are finding it hard to maintain business operations. Smith responded that online presence cannot be guaranteed to remain 100% safe from intrusion but MJ Freeway has taken necessary steps to make sure that the system remains secure and is in-sync with the most advanced security standards.

The purpose of marijuana-tracking software is to help regulators meet the federal guidelines about marijuana diversion; through tracking pot deliveries federal officials would be assured that it wasn’t being delivered to the black market or crossing state limits.

It is not yet clear why the system was hacked and what the intruders plan to do with the stolen data but proprietors believe that they would most probably try to manipulate the data. However, this is not the first time MJ Freeway Freeway is under cyber attack. In November last year, the company suffered a hack attack in which personal and contact data of customers was stolen while in a June 20th, 2017 incident hackers stole MJ Freeway Freeway’s system source code.

Image credit: DepositPhotos

Waqas

Waqas Amir is a Milan-based cybersecurity journalist with a passion for covering latest happenings in cyber security and tech world. In addition to being the founder of this website, Waqas is also into gaming, reading and investigative journalism.