Nevada site bug leaks medical marijuana applicant data

The sensitive info of more than 11,700 people was available for anyone to see.

Sponsored Links

Seastock via Getty Images
Seastock via Getty Images

Nevada residents applying to sell medical marijuana got just got an unpleasant surprise. The state's Department of Health and Human Services has confirmed that a vulnerability in a website portal leaked the data of more than 11,700 applicants, including their driver's license and social security numbers. Officials have taken down the relevant site until they fix the flaw, but there's a concern that fraudsters might have seen the info and used it for malicious purposes.

The scale of the leak might be modest. A spokesperson tells ZDNet that the data represented just a "portion" of one data base among several. And when Nevada voted to legalize medical marijuana in 2000, it's possible that some of the information is outdated. Even so, this underscores a common problem with government data: frequently, agencies are their own worst enemies thanks to avoidable security holes and imperfect policies.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Popular on Engadget