Threatwatch

Envelope typo exposes 40,000 medical marijuana users and location of their pot

Accidentally leaked credentials

The patients received envelopes from Canada’s health system blaring the return address, “Medical Marijuana Access Program,” across the top, followed by the individual’s name and address.

Many of the smokers are in a state. They say their privacy has been violated and fear their houses may be robbed and their home gardens targeted.

“I’m outright panicked,” Multiple Sclerosis patient Suzi Berardini, who also suffers from trigeminal neuralgia, told Metro. She said the mailman who dropped the letter off “smirked” when he handed her the envelope. “It’s terrifying. So many levels of terrifying.”

Ironically, program changes that soon will bar patients from growing their own marijuana at home were made -- according to the letter – partly because of concerns participants will become victims of home invasions.

Health Canada Deputy Minister George Da Pont said the format of the mailing was the result of an “administrative error.”

“This is not standard Health Canada practice,” he wrote in an email to Metro. “On behalf of Health Canada, I deeply regret this administrative error. Health Canada is taking steps to ensure this does not happen again.

Rick Gauthier is now considering moving from his small town in Quebec. He worries Canada Post workers may even steal his medicine.

Beradini is apprehensive about that too.  “Any Joe Blow who works at Canada Post now might know where I am and that I’m a patient and can easily think, ‘well, if she’s a legal patient, she must have meds,’” she said.

A spokesperson with Canada’s office of the Information and Privacy Commissioner said in an email:

“Our office was not notified by Health Canada of this incident. We were made aware of it by a number of concerned individuals who contacted our office. We have since received complaints and we will be investigating this matter,” Omerod wrote. “We have been in touch with Health Canada and are currently gathering further information.”

Michael Greenblatt’s letter went through several hands before it was delivered to his room at a nursing home. When the letter finally arrived, he said the delivery person said, “’I would sure like to be in this program.’”

ThreatWatch is a regularly updated catalog of data breaches successfully striking every sector of the globe, as reported by journalists, researchers and the victims themselves.

sector

Healthcare and Public Health

reported

November 21, 2013

reported by

Metro

number affected

40,000 patients

location of breach

Canada

perpetrators

Employees

location of perpetrators

Canada

date breach occurred

November 2013

date breach detected

November 2013