(800) 834-9795

Call Now (800) 834-9795

Book a Consultation

Top Cannabis Brand Stiiizy Lost 420000 Customers Data!

top cannabis brand stiiizy data breach

Table of Contents

Overview

In late 2024, Stiiizy, a well-known Los Angeles-based cannabis company, experienced a significant cyberattack targeting its point-of-sale processing systems at several retail locations. The breach, attributed to the ransomware group Everest, was allegedly executed by an organized cybercrime group. While the company did not disclose the attackers’ specific identities or motives, Everest reportedly carried out the attack to extort ransom payments, which Stiiizy declined to meet.

What We Know About the Data Breach

The breach compromised sensitive customer information, including:

  • Full names
  • Postal addresses
  • Birth dates and ages
  • Driver’s license and passport numbers
  • Photos and signatures from government-issued ID cards
  • Medical cannabis card details
  • Transaction histories

This data could be exploited for identity theft, personalized phishing attacks, and other fraudulent activities. According to Everest, more than 420,000 customers were affected, though the exact number remains unconfirmed.

Stiiizy learned about the incident from its point-of-sale vendor and began notifying affected customers via breach notification letters dated November 20, 2024. An investigation revealed that the breach began on October 10, 2024, and persisted until November 10, 2024. Four retail locations were impacted: two in San Francisco, one in Alameda, and one in Modesto.

What We Don’t Know About the Data Breach

  • The exact number of customers affected remains unclear, despite Everest’s claims of 420,000 victims.
  • Specific details about the attackers’ identities or how they gained access to the systems have not been disclosed.
  • Stiiizy has not commented whether other locations or systems outside the four targeted stores were compromised.
  • The company’s broader cybersecurity measures or steps taken post-breach have not been detailed publicly.

What can Stiiizy Do to avoid future data breaches?

Stiiizy can avoid future data breaches by making their systems harder to hack. They can use extra layers of protection like two-step logins, check their systems regularly for weaknesses, and teach employees how to spot fake emails. Regularly updating their software and partnering with cybersecurity experts in Los Angeles, such as Captain IT, can significantly enhance the protection of customer information.

 

Share this post

"*" indicates required fields

Get a FREE Network & Security Assessment

Submit this form and someone will contact you within 5 minutes. We will never share your information with 3rd party agencies.
Anthony
Anthony Hernandez, CEO of Captain IT, is a Los Angeles native and Cal Poly Pomona graduate with a degree in Computer Information Systems and Business. With a lifelong passion for technology, he has extensive experience as a technician, consultant, and technology director. Before founding Captain IT, Anthony spent seven years building a robust IT infrastructure for Green Dot Public Schools. He combines technical expertise with a commitment to exceptional customer satisfaction.
CONSULT NOW

Los Angeles County – (213) 335-3249

Riverside County – (951) 335-4650

Orange County – (714) 200-1228

San Diego County – (619) 877-8027
Social Media
Youtube

Links

Additional Services​

Areas we Serve

Locations

Riverside
Los Angeles
© 2025 Captain IT. All rights reserved. Terms and Conditions | Privacy Policy | Master Service Agreement