Cannabis group hit by $3.6m cyber-fraud

Cannabis producer Cann Group has emerged from a trading halt it requested on Friday to confirm it has been the victim of a “sophisticated cyber fraud” which could end up costing it $3.6 million.

Cann advised that it has experienced a cybersecurity incident, involving an unknown third party. The breach was discovered on February 4th and is currently under investigation.

The company recently made payments of approximately $3.6 million to an overseas contractor in relation to works being undertaken for Cann’s Mildura facility, however, those payments were received by an unknown third party as a result of a complex and sophisticated cyber fraud perpetrated against the company and its overseas contractor.

Cann is working with its bank to determine if any of the payments can be halted and if any of the funds involved are recoverable. The company has also notified its insurance brokers to determine if a claim can be made to recover any of the losses involved.

Cann advised that immediate action has also been taken to ensure the future integrity of its IT systems.

The company confirmed that it is in a financial position to continue with its ongoing operations and projects, which including the construction of its Mildura facility, irrespective of any funds being recovered.

Cann and its overseas contractor are investigating the incident thoroughly, including the engagement of external security and forensic IT experts to assist. The matter has been reported to police in Victoria, Australia, the Netherlands and Hong Kong, as well as the Office of Drug Control.