Cyberattacks are always dangerous, and when they affect the medical industry, they severely compromise public health and confidentiality. The recent MJ Freeway data breach demonstrates just how sensitive medical data is, reinforcing the need for effective data storage and security:
MJ Freeway is a Colorado-based tracking software company that caters to medical marijuana dispensaries across the United States. On 8 January 2016, the company suffered a severe hack, losing records from more than a thousand of their clients in 23 different states. Such an attack would severely disrupt any business but has been particularly damaging for cannabis dispensaries, as state regulations require them to provide clear records of all sales and inventory changes. Though some affected clients were able to continue business using traditional tracking methods, many had to shut down, depriving their customers of treatment.
In addition to short-term market disruption, the attack also may have compromised the privacy of millions of medical marijuana patients. Because of the negative perceptions associated with cannabis, many medical marijuana users do not reveal their treatments in public. If the attackers stole patient information, they could publicize it at any time. MJ Freeway insists that its client data is encrypted, but many clients are unconvinced, pointing out that the attackers could have stolen the encryption codes. If this is true, the attackers could continue to do damage for months or years in the future.
Whatever ultimately results from the MJ Freeway data breach, it serves as a wake-up call for all businesses that handle sensitive information. To minimize your firm’s risk and keep clients’ data safe, remember to: