Marijuana Website ‘GrowDiaries’ Exposed User Data

Share This Post

GrowDiary is a social media platform where marijuana growers can post posts about their plants and talk to other growers. Two of its servers have leaked user data such as usernames and passwords.

Loss of security of GrowDiary

Security researcher Bob Diachenko posted a report on LinkedIn stating that GrowDiary did not secure two of its Kibana apps used to manage Elasticsearch databases. As a result, one database with 1.4 million records exposed usernames, email addresses and IP addresses, and the second database with 2 million records exposed user passwords and posts. Payment details were not exposed. Passwords were hashed using MD5, an algorithm known to be easily cracked.

Mr. Diachenko discovered the databases on October 10, 2020. GrowDiary acknowledged the breach and secured the data on October 15. The company did not disclose whether the databases were accessed by unwanted third parties, but Mr. is not the only one looking for insecure servers.


Related Posts

For iOS 16 and macOS Ventura, Safari will support AVIF

It took ten years for Safari to support WebP,...

iPhone 14 parts are now being shipped from Apple providers

Trying to Get Ahead of Possible Supply Chain Constraints....

Now that CarPlay is out, you can use it on your Tesla with just two Raspberry Pi’s

Tesla Android Project in action – driving around with...

Service packages could be where Apple TV + finds its purpose

“Apple TV+ will likely never be material financially for...

A Google Maps competitor announces a significant update to its own iPhone and android navigation app

Earlier this month, the company updated its mobile applications...