LATEST JAN. 20: The portal site for Nevada's medical marijuana program is back online after being offline for more than 3 weeks following a cyber-attack.
The site is again accepting new patient applications and renewals. While initially the state said only dispensary employees' information was revealed, thousands of patients' information may have been leaked.
Patients like Anne-Marie Zappola are worried.
ORIGINAL STORY
The Division of Public Behavioral Health has been investigating a cyber-attack on its Medical Marijuana Program database.
On Wednesday, the Nevada State Medical Marijuana Program became aware that application information about individuals with medical marijuana agent cards, such as employees and owners of medical marijuana establishments, has been disclosed. The information includes social security numbers and dates of birth. At this time, private patient information is considered to be secure.
“The entire portal has been taken down,” said Cody Phinney, Division of Public Behavioral Health administrator, in a statement. “To prevent further breaches, the Division’s IT staff are working with state IT staff, investigating the breach. We appreciate everyone’s patience during this difficult time. As more information is known, the public will be notified.”
In addition to contacting the individuals involved, the Division is notifying three major credit reporting agencies of this database breach: Equifax (800) 525-6285, Experian (888) 397-3742 and TransUnion (800) 680-7289. Agent cardholders are encouraged to report to these agencies that their individual information was compromised in this breach.
The incident has been referred to law enforcement agencies for further investigation.