Envelope typo exposes 40,000 medical marijuana users and location of their pot
Accidentally leaked credentials
The patients received envelopes from Canada’s health system blaring the return address, “Medical Marijuana Access Program,” across the top, followed by the individual’s name and address.
Many of the smokers are in a state. They say their privacy has been violated and fear their houses may be robbed and their home gardens targeted.
“I’m outright panicked,” Multiple Sclerosis patient Suzi Berardini, who also suffers from trigeminal neuralgia, told Metro. She said the mailman who dropped the letter off “smirked” when he handed her the envelope. “It’s terrifying. So many levels of terrifying.”
Ironically, program changes that soon will bar patients from growing their own marijuana at home were made -- according to the letter – partly because of concerns participants will become victims of home invasions.
Health Canada Deputy Minister George Da Pont said the format of the mailing was the result of an “administrative error.”
“This is not standard Health Canada practice,” he wrote in an email to Metro. “On behalf of Health Canada, I deeply regret this administrative error. Health Canada is taking steps to ensure this does not happen again.
Rick Gauthier is now considering moving from his small town in Quebec. He worries Canada Post workers may even steal his medicine.
Beradini is apprehensive about that too. “Any Joe Blow who works at Canada Post now might know where I am and that I’m a patient and can easily think, ‘well, if she’s a legal patient, she must have meds,’” she said.
A spokesperson with Canada’s office of the Information and Privacy Commissioner said in an email:
“Our office was not notified by Health Canada of this incident. We were made aware of it by a number of concerned individuals who contacted our office. We have since received complaints and we will be investigating this matter,” Omerod wrote. “We have been in touch with Health Canada and are currently gathering further information.”
Michael Greenblatt’s letter went through several hands before it was delivered to his room at a nursing home. When the letter finally arrived, he said the delivery person said, “’I would sure like to be in this program.’”
ThreatWatch is a regularly updated catalog of data breaches successfully striking every sector of the globe, as reported by journalists, researchers and the victims themselves.
Healthcare and Public Health
November 21, 2013
Link to report
location of breach
location of perpetrators
date breach occurred
date breach detected