Cyber Incident Victim: MJ Freeway
Date:
Jan 2017
Location:
United States of America
Summary
Hackers disrupted operations at marijuana retailers by attacking MJ Freeway, a critical software platform managing sales, inventory, and regulatory reporting. The cyberattack corrupted data and destabilized the system, forcing businesses to manually process transactions, significantly slowing customer service. While no data theft or ransom demands occurred, the company initiated forensic investigations and collaborated with law enforcement to identify the perpetrators. Recovery efforts involved restoring operations from backups and transitioning clients to alternative systems during remediation.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 6 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In early January 2017, hackers targeted MJ Freeway, a software platform critical for marijuana dispensaries' sales tracking, inventory management, and regulatory compliance reporting. The attack specifically corrupted operational data, destabilizing the system without evidence of data exfiltration or ransom demands. MJ Freeway representatives confirmed the incident as a deliberate cyberattack against their infrastructure, though no hacking group claimed responsibility. The company initiated a forensic investigation to determine the attack's origin and methodology, collaborating with law enforcement agencies to pursue criminal inquiries. Disruptions began impacting clients by January 11, forcing businesses to revert to manual sales and inventory processes that significantly slowed operations. Multiple dispensaries publicly acknowledged the outage, with one retailer (NETA) advising customers of extended transaction times and recommending delayed visits until service restoration.
The incident necessitated MJ Freeway's deployment of alternative systems while restoring corrupted data from existing backups, though recovery timelines extended beyond initial expectations. Affected businesses maintained operations during the outage by using Washington State's functional virtual gateway for regulatory compliance, despite losing automated reporting capabilities through MJ Freeway's platform. Company representatives emphasized backup availability but acknowledged restoration complexities contributing to prolonged service interruptions. No customer or financial data breaches were reported, with impact confined to operational disruption and data integrity issues. MJ Freeway maintained ongoing communication with clients throughout the recovery process while investigators worked to attribute the attack and assess full technical repercussions.