• A friendly and supportive community, register today. Our forums use a separate account system.

Clinics ⚠️ CB1 Medical: Patient/Clinic Data Breach

MackayFlower64 said:
Response?
I haven't seen anything about this until today when looking at MedBud.
Was even on the phone to them yesterday as things are several days delayed on them sending my script. (Coincendence? Probably not)
Click to expand...

First up, welcome to MedBud! @MackayFlower64

I can't remember for sure but I seem to remember them saying they'd contact people affected. If you've not been contacted I would like to think that means you're okay but you would need to contact them to be certain.

I do also remember seeing something about their systems being down for upgrades. This may be why your script was delayed but I'd need someone to confirm that I've got this correct.
 
joint_account said:
First up, welcome to MedBud! @MackayFlower64

I can't remember for sure but I seem to remember them saying they'd contact people affected. If you've not been contacted I would like to think that means you're okay but you would need to contact them to be certain.

I do also remember seeing something about their systems being down for upgrades. This may be why your script was delayed but I'd need someone to confirm that I've got this correct.
Click to expand...
The weekend maintainence was advised by email maybe as early as a week ago, but my Friday request was approved Monday, paid Tuesday and nothing.
When I spoke to them yesterday, the fellow on the phone seemed surprised my order hadn't been sent yet and said next order gets free delivery.
Again, being told it would be dispensed yesterday or at latest today (Which it hasn't been afaict).

So when I go chasing that up and see the data breach and state of things, it's a massive loss of confidence in what's a relatively new prescriber (< 6mo).

Thanks for your quick & warm welcome though! :)
 
MackayFlower64 said:
Response?
I haven't seen anything about this until today when looking at MedBud.
Was even on the phone to them yesterday as things are several days delayed on them sending my script. (Coincendence? Probably not)
Click to expand...
Welcome @MackayFlower64 and although we did get a prescription as normal this week but at the same time they are meant to have sent an email to every customer I think but it's just the post that was put in this thread earlier and they are closed over the long weekend for planned upgrades as you know .
 
Last edited:
can someone confirm the 3 other clinics using overseas 3rd party , so i can stay away from them when looking for a new clinic
 
Just found out about this. I got no email from CB1 Medical about this data breach, I would expect them to mail everyone even if their details where not included. So I've emailed them to ask. The response I've seen on here that some have received really underplays the situation imo. Yes, it could be worse, but still...

The data being up for ~10 weeks makes no real difference, any amount of time equates to forever, the data will be cached, downloaded and might end up as a torrent, or otherwise downloadable from elsewhere, it's not really reversible.
 
High all

I’m with CB1 Medical and haven’t had many problems in terms of day-to-day service, but the data breach in August has left me uneasy. I’ve changed my passwords, but I still don’t know if my personal details were in the leaked files. Has anyone managed to get a straight answer from CB1 about whether they were affected?

I’d also like to hear from patients who switched away after the breach, was it actually better, or just different challenges with supply and costs?
For those who stayed, what reassurances or improvements have you seen from CB1 since?

Or am I being mad and should I just run to the hills?
 
ADHweed said:
High all

For those who stayed, what reassurances or improvements have you seen from CB1 Medical since?

Or am I being mad and should I just run to the hills?
Click to expand...
I've stayed, because it's the most viable for my budget and I believe I joined post-leak.
However, they have ignored my mentions of said leak in my multiple emails regarding delivery delays (They'll give you free delivery if it's dispatched late from the pharmacy, but will only honour this if you pay over the phone?)

The bud is okay for the cost, so I'm twiddling my thumbs between slow exhales and pondering what comes next.
 
Good evening ADHweed 🙏🏼
I'm currently with CB1 Medical and was caught between a rock and a hard place as I was in between changing from Curaleaf to CB1 when all the Data Breach was announced.
I had already been waiting nearly 2 months keen to finally be a legal UKMCP so decided to stick by CB1 in the hope that in light of recent events they would sharpen there pencil, I was still determined to receive my first prescription.
If I had been with CB1 for a period of time beforehand I would have changed clinics as my innital feeling about that didn't sit well with me but knowing I would likely not be affected yet still cautious I decided to stay for my second consultation.
Up until the point of having my second consultation I was happy enough with the service I had received until I was asked a number of questions that really didn't apply to my medical condition and too many intrusive questions that were too close to home for me which none where ever mentioned in my innital consultation which I felt was just generic to say the least.
For those reasons personally I would not recommend this company but what doesn't work for me may work for others 😀
 
ADHweed said:
High all

I’m with CB1 Medical and haven’t had many problems in terms of day-to-day service, but the data breach in August has left me uneasy. I’ve changed my passwords, but I still don’t know if my personal details were in the leaked files. Has anyone managed to get a straight answer from CB1 about whether they were affected?

I’d also like to hear from patients who switched away after the breach, was it actually better, or just different challenges with supply and costs?
For those who stayed, what reassurances or improvements have you seen from CB1 since?

Or am I being mad and should I just run to the hills?
Click to expand...
@GrownHealth can definitely confirm but I'm fairly sure they reached out to people who were directly affected.

In terms of the leak, the data that was leaked was fairly low risk as far as stolen data goes.

Name, contact details, script history and doctor's details were made available in the leak. They weren't hacked, a bad actor stole the details from within. This probably doesn't sound reassuring but at minimum it wasn't a result of poor infrastructure and no major details like financial details were stolen.

I won't bang on about it again, it's all in this thread but I have a relatively decent experience in this as a victim and from a professional perspective.

If I was advising CB1 patients I don't think I would go further than monitoring credit services and maybe at a push using a service like experian to lock down your credit.

Outside of that, even if someone wanted to be malicious I don't think they could do anything else. Maybe message an employer on LinkedIn or something.

Im very critical of CB1 and how they've handled this whole thing but I think you're all safe. If you've not seen any harm now (nearly 4 months on) I doubt you ever will.
 
joint_account said:
@GrownHealth can definitely confirm but I'm fairly sure they reached out to people who were directly affected.

In terms of the leak, the data that was leaked was fairly low risk as far as stolen data goes.

Name, contact details, script history and doctor's details were made available in the leak. They weren't hacked, a bad actor stole the details from within. This probably doesn't sound reassuring but at minimum it wasn't a result of poor infrastructure and no major details like financial details were stolen.

I won't bang on about it again, it's all in this thread but I have a relatively decent experience in this as a victim and from a professional perspective.

If I was advising CB1 Medical patients I don't think I would go further than monitoring credit services and maybe at a push using a service like experian to lock down your credit.

Outside of that, even if someone wanted to be malicious I don't think they could do anything else. Maybe message an employer on LinkedIn or something.

Im very critical of CB1 and how they've handled this whole thing but I think you're all safe. If you've not seen any harm now (nearly 4 months on) I doubt you ever will.
Click to expand...
The only thing we heard in my house was the letter I posted here and no confirmation we were exposed in the breach directly and iirc the same week the app was upgraded and went down and attention shifted as the site was down for days and had its own drama's.
 
GrownHealth said:
The only thing we heard in my house was the letter I posted here and no confirmation we were exposed in the breach directly and iirc the same week the app was upgraded and went down and attention shifted as the site was down for days and had its own drama's.
Click to expand...
Well in that case I stand corrected.

Maybe I'm getting confused with us talking about what we were hoping to see or something.

In that case, I'm firmly back on the fuck CB1 Medical hate train.
 
joint_account said:
Well in that case I stand corrected.

Maybe I'm getting confused with us talking about what we were hoping to see or something.

In that case, I'm firmly back on the fuck CB1 Medical hate train.
Click to expand...
I also know if I push about clinics with my wife at the mo she'll just say sod it and leave MC probably as she prefers BM anyway 😅and it took me ages to get her try try medical so with no obvious switch without forking out we're pretty much stuck but the annual £50 fee is looming and that'd leave a bitter taste after what's gone on.
 
Wow, high and thanks everyone, I share the same feelings. To be fair, they have treated me fairly well but that’s the point. I shouldn’t feel like I’m being treated “fairly well” when I’m paying £50 annually and £5.82 for every delivery, on top of whatever cut they make off the cost of the medication itself, and still being made to feel like I’m begging for my meds.

At the end of the day, I just want to be a valuable, contributing member of society. Cannabis is the glue that keeps me functional, the kryptonite to my “superpowers,” the only way Gotham stays safe 😳🤣


So the big question no one has answered yet: who is actually better?
 
i have been trying to get 2 ??? awnsered by CB1 Medical and they seem unable to awnser them can anyone else awnser them as this morning i was fobbed of agin with incunclusive awnsers to these ???
would you please forward me the answers to the questions please about he data breach

  1. How long the information was accessible for; they say only hours ????
  2. Whether any individual(s) accessed the website / information and if so, how many; we all know people did as people on this forum have downloaded them

thi was there response this morning

Dear Jason,

To add to the previously issued FAQs -
- The file was removed from the file-hosting site within hours of being discovered.
- While the file was removed swiftly, we dob't believe it technically possible to confirm whether it was access during the period.


can anyone give me and sort of awnsers to these ??? pls , as CB1 see reluctant to
 
303 said:
i have been trying to get 2 ??? awnsered by CB1 Medical and they seem unable to awnser them can anyone else awnser them as this morning i was fobbed of agin with incunclusive awnsers to these ???
would you please forward me the answers to the questions please about he data breach

  1. How long the information was accessible for; they say only hours ????
  2. Whether any individual(s) accessed the website / information and if so, how many; we all know people did as people on this forum have downloaded them

thi was there response this morning

Dear Jason,

To add to the previously issued FAQs -
- The file was removed from the file-hosting site within hours of being discovered.
- While the file was removed swiftly, we dob't believe it technically possible to confirm whether it was access during the period.


can anyone give me and sort of awnsers to these ??? pls , as CB1 see reluctant to
Click to expand...
1) In information was available for 2-3 Months. it was first uploaded in the first week of June 2025. CB1 got it removed a few hours after they found out, at which point it had been publicly available for months. They're being diliberately misleading and using language like hours because it was up about 18 hours after they were made aware but they were not made aware when it first happened.

2) We can't be sure but it was uploaded to a very popular platform typically used for stolen details. so a fair sum of the people who frequent these sites are likely looking for details.

There isn't much that was stolen that can be used for anything; Names, contact details, script history and doctor details were the bulk of the damage from what I understand. I appreciate that doesn't make things much better but I figure there's some comfort in knowing the people who may have accessed these probably considered them useless for most purposes.
 
Last edited:
Just my 2 pence, breached data that's out there, remains out there. You can still get a specifically tailored scam in 5 years when e.g. MC is an even bigger biz, or you'll never hear from them again. Always assume your data is breached - we don't control it.
 

  Similar Discussions (Automatically Generated)

  • Pinned
Clinics Birmingham Cannabis Clinic
Replies
0
Views
83
GrownHealth
GrownHealth
  • Pinned
Clinics Chelsea Cannabis Clinic
Replies
1
Views
108
S.O.H™
S.O.H™
  • Pinned
Clinics London Cannabis Clinic
Replies
0
Views
98
GrownHealth
GrownHealth
  • Pinned
Clinics Medisonal® Clinic
Replies
0
Views
89
GrownHealth
GrownHealth
  • Pinned
Clinics Via Clinic
Replies
0
Views
99
GrownHealth
GrownHealth
Back
Top