Case studies of breaches in Cannabis Software. Recently a major Cannabis POS provider found itself on the business end of a sophisticated digital attack not once, not twice, but thrice. Or maybe four times; Poor disclosure policy and a lack of transparency made it hard to tell. A large portion of all dispensaries in the country were forced to enter sales by paper, spreadsheet, or to close their doors temporarily when this software was crashed by attackers. Government contracts were lost. All eyes are on the industry right now and, given its precarious federal legal status, the next moves made will be crucial. What mightve actually happened? How far beyond the carefully prepared press releases can we see by using OSINT, Social Engineering, source code analysis,and some good ol fashioned scripting & hacking? What makes the Cannabis industry a hotbed for this kind of behavior? Lets umm….answer those questions!