Namaste Technologies, a customer experience specialist in the medicinal cannabis space, discovered that a list of email users had been uploaded by an employee to a third-party email service provider to solicit unauthorized cannabis sales, the firm announced on Friday.
The emails of registrants with Namaste MD were uploaded on May 4th, the company believes. Namaste MD users were sent emails over a five-day period, it adds.
Except for names and email addresses, there was no personally identifiable information uploaded or used, the company claims.
The Toronto-based company is hiring a security expert to help with a review of its data control and security policies. In addition, it has contacted the affected users.
The third-party provider has deleted the names and email information upon request, it says.