Aurora Cannabis hit by ‘cybersecurity incident’ on Christmas, doesn’t say what data affected

[mood]

Aurora Cannabis hit by ‘cybersecurity incident’ on Christmas, doesn’t say what data affected

 

The Aurora Sky facility is shown in Edmonton in this undated handout photo. THE CANADIAN PRESS/HO - Aurora

 

Aurora Cannabis Inc. says it experienced a “cybersecurity incident” over the holidays.

 

The Edmonton-based cannabis producer says the incident took place on Dec. 25, but did not share what data was involved or how it was accessed.

 

Spokeswoman Michelle Lefler says in an email to The Canadian Press that as soon as Aurora learned of the incident, it took immediate steps to mitigate it.

 

She says Aurora is following all security protocols and consulting with security experts.

 

Lefler says Aurora’s patient systems were not compromised and the company’s network of operations is unaffected.

 

Statistics Canada says one-fifth of Canadian businesses were affected by cybersecurity incidents in 2019, the most recently available data.

 

Almost half of those attacks were linked to large businesses, 29 per cent at medium-sized companies and 18 per cent at small businesses.

 

 

Source: Aurora Cannabis hit by ‘cybersecurity incident’ on Christmas, doesn’t say what data affected

[mood]

Hacker sells Aurora Cannabis files stolen in Christmas cyberattack

 

 

A hacker is selling the data stolen from cannabis giant Aurora Cannabis after breaching their systems on Christmas day.

 

Aurora Cannabis is a Canadian cannabis producer listed on both the Toronto Stock Exchange and the New York Stock Exchange. The company operates numerous cannabis-related medical and consumer brands, including MedRelease, CanniMed, Whistler Medical Marijuana Corp., San Rafael, Daily Special, and Woodstock.

 

Marijuana Business Daily reported that former and current employees received data breach notifications from Aurora Cannabis after the company suffered a cyberattack on December 25th, 2020.

 

The data breach notifications describe what data was stolen in the attack, with each employee reporting different compromised data.

"He said each person reported different data compromised in the breach, including credit card information, government identification, home addresses and banking details," MBD reported.

Hacker selling stolen data for one bitcoin

Today, the hacker behind the Aurora Cannabis attack began selling the stolen data on a hacker forum for one bitcoin, approximately 39,000 at today's prices. As part of the post to promote the sale, the threat actor leaked images of eleven files stolen during the attack.

 

 

The samples of stolen data included images of passports, checks, driver licenses, and business documents.

 

Image of check stolen during the data breach
Sensitive information redacted by BleepingComputer

 

In an interview with the hacker, BleepingComputer was told that Aurora Cannabis was breached on December 25th after the threat actor hacked into their network.

 

The threat actor claims to have stolen 50GB of data, including customers' and employees' personal information.

 

After stealing the data, the hacker states they contacted Aurora Cannabis to ransom the data back to them, but "all them ignore this breach."

 

The threat actor claims that they still have access to Aurora's network. When asked if Aurora knows that they continue to have access, BleepingComputer was told, "i send mail but i think all employs ignored me."

 

BleepingComputer has contacted Aurora Cannabis about the attack but did not receive a response.

 

 

Source: Hacker sells Aurora Cannabis files stolen in Christmas cyberattack