Leafly Cannabis Information Platform Suffered a Data Leak
Leafly, the world’s leading cannabis resource, informed its customers via email that has suffered a data leak. On September 30, the company discovered that customer
The company discovered on September 30 that a secondary database was exposing customer information from July 2, 2016.
Exposed records include user’s email addresses, usernames and encrypted passwords, fortunately, no financial data was collected by the company.
For some users, the database also leaked names, ages, gender, location, and mobile numbers.
“On September 30, we teamed that a set of Leafly user records dated July 2, 2016 held in a secondary Leafly database was disclosed without permission. Your email address was in that file,” reads the notification email sent to the impacted customers. “Leafly does not collect credit card information or national identification numbers,”
The company hired a forensic security firm to help its staff in the investigation. The company recommends users to reset the password and use a unique password for each service online.
“However, it is a good idea to ensure that you use a unique password on Leafly and other services you use. If you share passwords across services and haven’t updated them recently, and you haven’t reset your Leafly password, we recommend you do SO DOW,” continues the notification mail.
“Please accept our sincere apology for any concern this has caused. If you have any questions, please reach out to our customer support team at support@leafly.com,” states Leafly.
At the time it is not clear the number of impacted users.
This post Leafly Cannabis Information Platform Suffered a Data Leak originally appeared on Security Affairs.