A medical marijuana dispensary in the Philadelphia suburbs issued an apology to patients Thursday after someone hacked a page displaying its Google search results and posted the phone number of an illicit weed dealer.
Ilera Healthcare, which operates a dispensary in Plymouth Meeting, discovered the hack on Monday, said chief operating officer Oludare Odumosu.
The company exacerbated the embarrassment by issuing a letter to patients that mentioned "black-market dealers who diverted Ilera proprietary contact and product information." That led some to believe their personal data had been jeopardized.
A "well-meaning employee" then compounded the kerfuffle by posting a note to Instagram. The note, headlined (correctly) "Medical marijuana is a privilege, not a right," went on to say: "Don't jeopardize your right to use medical marijuana. Medical marijuana can only be sold through approved dispensaries with a valid medical card." The statement is true.
The Instagram post triggered indignation among cannabis advocates who launched a short lived #boycottIlera campaign. Odumosu could not say if the boycott had an impact on sales.
"We apologize to anyone who was offended," Odumosu said. "I personally want to say I'm sorry. It was a bad response to a bad problem. It happened so fast and wasn't vetted. But, I can assure there was no patient data breached and all patient information is safe."
Ilera reported the incident to Google and the Pennsylvania Department of Health.
Nate Wardle, spokesperson for the department, said the hack appeared to have been contained to the Google page. Wardle said there was no evidence the hacker gained access to Ilera's portal to MJFreeway, the seed-to-sale computer system that tracks all sales and patient records in the state.
Engagement editor Tauhid Chappell contributed to this article.