GrowDiaries databreach exposed 3.4M records of cannabis online community


Researcher Volodymyr “Bob” Diachenko reported a data breach linked to GrowDiaries with at least 1.4 million email and IP address records, along with 2 million user posts that are unsecured and accessible.

In his November 3 report, he claimed that private data including passwords, posts, email addresses, and IP addresses were exposed between September 22 and October 15. 

The breach allegedly occurred after two open-source application Kibana apps, which are usually reserved for developers were left open.

GrowDiaries cannabis community outed

GrowDiaries is an online community and journaling platform designed to support and advise marijuana growers. The platform has a large and strong membership mainly cannabis growers and enthusiasts around the world. The chat and journaling features allow them to share photos, tips, and advice to their diverse user group.

It’s important to note that many members on the site are from countries where pot is illegal. Identities are supposed to be anonymous, with only usernames visible on the site.