Sign up for our daily Newsletter and stay up to date with all the latest news!

Subscribe I am already a subscriber

You are using software which is blocking our advertisements (adblocker).

As we provide the news for free, we are relying on revenues from our banners. So please disable your adblocker and reload the page to continue using this site.
Thanks!

Click here for a guide on disabling your adblocker.

Sign up for our daily Newsletter and stay up to date with all the latest news!

Subscribe I am already a subscriber

US (MA): Cannabis regulators putting out ‘a series of fires’ involving a Russian oligarch and data breach

Thousands of employees in the Massachusetts cannabis industry received an official email last week about a major data breach: the name, home, email address, phone number, and date of birth of every cannabis worker in the state had been made public in an "inadvertent release of agency documents" by the state's own Cannabis Control Commission. Along with the names and personal information, the dataset included a list of former employees and the specific reasons they were no longer associated with the marijuana company, including alleged violations of company policy.

The state email provided little context for the leak, sparking panic and confusion across online message boards and the local cannabis community. Cannabis workers say they didn't know what the breach meant for their safety. They also didn't know that the leak led back to an investigation into a Russian oligarch and a Belmont-based blogger now hiding in a safe house.

Grant Smith Ellis has been writing about weed since 2017, primarily through an online blog with 25 paid subscribers. Earlier this month, he published a blog post that included internal communications between state commission members discussing an ongoing investigation into alleged financial ties between Massachusetts-based cannabis company Curaleaf and Roman Abramovich, a sanctioned Russian oligarch, and confidante of Vladimir Putin.

In response to a public records request, Smith Ellis received the internal communications and a trove of other confidential information — some 17,000 rows of cannabis employees' personal data — due to an error made by the commission. The personal data never went public, and his blog post only published details relating to the internal communications between commissioners regarding the Curaleaf investigation.

Read more at wgbh.org

Publication date: