In an incident which can only be described with a 🤦♂️, shareholders of cannabis company Cann Group (ASX: CAN) are understandably frustrated in the Company which has reported a cybersecurity breach that resulted in $3.6 million going missing.
The incident was discovered on 4 February and immediately led Cann to enter a trading halt as the Company scrambled to understand why payments made to an overseas contractor were not received.
As reported by Cann’s ASX release, “those payments have been received by an unknown third party as a result of a complex and sophisticated cyber fraud perpetrated against the Company and its overseas contractor.”
While Cann has funds to continue its day-to-day operations, the Company is working with its bank in an effort to recoup the $3.6m and has notified its insurance brokers hoping the funds can be recovered as a claim if the bank is unsuccessful.
Cann Group has not disclosed exactly how the $3.6m was sent to an unknown account but common online scams that normally target individuals commonly take place when scammers alter the bank details on invoices. In those instances, funds are rarely recovered from banks as scammers withdraw them immediately.
Cann has engaged external security and forensic IT experts to assist on the incident and notified authorities in Australia, the Netherlands and Hong Kong.