Aurora Cannabis said it’s consulting with security experts and authorities as a hacker solicits online bids for data allegedly belonging to the Canadian cannabis company. The data appears to include copies of passports, driver’s licenses, credit card information and other business documents.
A Jan. 7 post on an online marketplace for hacked databases advertises “All Data From Aurora Cannabis” for sale, and offers 11 sample images as “proof of concept.” Among the images is a passport that appears to belong to Darryl Vleeming, Aurora’s chief information officer, and an Alberta driver’s licence appearing to belong to Amy Lamoureux, a supply chain manager at the company.
Edmonton-based Aurora said it suffered a “cybersecurity incident” on Christmas Day. The company said at the time that no patient data was compromised, and that Aurora’s network of operations was unaffected. Aurora sells medical cannabis directly to nearly 100,000 Canadian patients. The company has approximately 1,800 employees, spanning operations in Canada and Europe.
On Monday, spokesperson Michelle Lefler declined to answer questions from Yahoo Finance Canada about what data had been breached, or if the company had been contacted by parties claiming to be in possession of its data.
Read more at finance.yahoo.com