Australian cannabis company Cann Group Limited said it had lost $3.6 million in a “cyber security incident” involving payments meant for an overseas contractor related to work at its Mildura, Victoria facility.
The company, which trades on the ASX, said it discovered the breach on February 4 and it is “currently under investigation.” Cann said the payments to the contractor had been “received by an unknown third party as a result of a complex and sophisticated cyber fraud perpetrated against the company and its overseas contractor.” The contractor was unnamed in the Monday announcement.
“The Company is working with its bank to determine if any of the payments can be halted and if any of the funds involved are recoverable. The Company has notified its insurance brokers to determine if a claim can be made to recover any of the losses involved. Immediate action has also been taken to ensure the integrity of Cann’s IT systems.” – Cann Group Limited, Feb. 8, 2021, ASX Announcement
The firm said it remains in a “financial position to continue with its ongoing operations and projects,” including the Mildura facility, “irrespective of any funds being recovered.”
The company said it has alerted authorities in Australia, the Netherlands, and Hong Kong.
Last Christmas, Canadian cannabis company Aurora was the victim of a hack into its Microsoft Cloud software which led to company and employee data ending up for sale online.
Last year, cannabis point-of-sale system THSuite was targeted by hackers who ended up leaking 85,000 files from dispensaries throughout the U.S., including more than 30,000 records containing personally identifiable information.
Note: All figures in Australian dollars
Get daily cannabis business news updates. Subscribe