STIIIZY
Company Details
Linkedin ID:
stiiizy
Website:
Employees number:
684
Number of followers:
33,760
NAICS:
30
Industry Type:
Homepage:
stiiizy.com
IP Addresses:
0
Company ID:
STI_2209862
Scan Status:
In-progress
STIIIZY Company CyberSecurity Posture
stiiizy.com
STIIIZY isn’t just a brand. It’s a lifestyle, a culture, and a revolution in cannabis. We’re redefining the game with innovative products that combine cutting-edge technology, premium flower, and pure, potent extracts crafted for those who demand the best. Our proprietary delivery system is sleek, portable, and discreet, engineered to seamlessly fit into your lifestyle. From signature devices to high-quality concentrates, every product is designed to deliver an elevated experience that is bold, smooth, and unforgettable. Powered by a team of visionaries and cannabis trailblazers, STIIIZY is setting trends, breaking boundaries, and shaping the future of the industry. With innovation at our core and a commitment to community, we are here to inspire, influence, and lead the culture forward. STIIIZY isn’t just a product. It’s a movement. Join us as we elevate cannabis, together. Stay lifted. Stay inspired. Stay STIIIZY.
STIIIZY A.I CyberSecurity Scoring
STIIIZY Risk Score (AI oriented)Between 600 and 649
STIIIZY
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
STIIIZY Global Score (TPRM)XXXX
STIIIZY
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
STIIIZY Company CyberSecurity News & History
Past Incidents
2
Attack Types
2
Stiiizy, Inc.
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The Maine Office of the Attorney General reported a data breach involving Stiiizy, Inc. on January 9, 2025. The breach occurred from October 10, 2024 to November 10, 2024, affecting approximately 380,000 individuals, including 212 residents in Maine. The compromised personal information includes names, addresses, and government-issued ID details. Identity theft protection services, including 12 months of credit monitoring, are being offered to those impacted.
STIIIZY
Ransomware
Rankiteo Explanation
Attack limited on finance or reputation
Description: STIIIZY, a cannabis dispensary, became a victim of the ransomware group Everest earlier in the year. Recently, the darknet leak site used by Everest to publish victim data was defaced and subsequently went offline, disrupting their operations. Although the nature and perpetrator of this defacement are undetermined, no affiliates have reported being scammed, and no law enforcement splash page has been associated with the incident. There are no specific details about the loss suffered by STIIIZY due to this incident, but the overall situation suggests it might have caused a reputational or potentially financial impact without direct evidence of significant data leaks.
STIIIZY Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for STIIIZY
Incidents vs Manufacturing Industry Average (This Year)
STIIIZY has 25.0% more incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs All-Companies Average (This Year)
STIIIZY has 29.87% more incidents than the average of all companies with at least one recorded incident.
Incident Types STIIIZY vs Manufacturing Industry Avg (This Year)
STIIIZY reported 1 incidents this year: 0 cyber attacks, 1 ransomware, 0 vulnerabilities, 0 data breaches, compared to industry peers with at least 1 incident.
Incident History — STIIIZY (X = Date, Y = Severity)
STIIIZY cyber incidents detection timeline including parent company and subsidiaries
STIIIZY Company Subsidiaries
STIIIZY isn’t just a brand. It’s a lifestyle, a culture, and a revolution in cannabis. We’re redefining the game with innovative products that combine cutting-edge technology, premium flower, and pure, potent extracts crafted for those who demand the best. Our proprietary delivery system is sleek, portable, and discreet, engineered to seamlessly fit into your lifestyle. From signature devices to high-quality concentrates, every product is designed to deliver an elevated experience that is bold, smooth, and unforgettable. Powered by a team of visionaries and cannabis trailblazers, STIIIZY is setting trends, breaking boundaries, and shaping the future of the industry. With innovation at our core and a commitment to community, we are here to inspire, influence, and lead the culture forward. STIIIZY isn’t just a product. It’s a movement. Join us as we elevate cannabis, together. Stay lifted. Stay inspired. Stay STIIIZY.
Loading...
STIIIZY Similar Companies
P&G was founded more than 185 years ago as a soap and candle company. Today, we’re one of the world’s largest consumer goods companies and home to iconic, trusted brands, including Always®, Charmin®, Braun®, Fairy®, Febreze®, Gillette®, Head & Shoulders®, Oral B®, Pantene®, Pampers®, Tide®, and Vick
Amway
Amway is a business owner-led health and wellbeing company based in Ada, Michigan, USA. It is committed to helping people live better, healthier lives across more than 100 markets and territories worldwide. Top-selling brands for Amway are Nutrilite™, Artistry™, and XS™ —all sold exclusively by entr
the LEGO Group
We are the LEGO Group, the company behind the world’s most loved LEGO® bricks. Our brand name derived from the two Danish words Leg Godt, which mean “Play Well”. We’ve been sparking imaginations and inspiring the builders of tomorrow since 1932. This is our mission and what motivates our colleague
Jarden Corporation
Jarden Corporation is now part of Newell Brands, a global consumer goods company with a strong portfolio of well-known brands, including Paper Mate®, Sharpie®, Dymo®, EXPO®, Parker®, Elmer’s®, Coleman®, Jostens®, Marmot®, Rawlings®, Irwin®, Lenox®, Oster®, Sunbeam®, FoodSaver®, Mr. Coffee®, Rubbe
Mattel, Inc.
We empower generations to explore the wonder of childhood and reach their full potential. We treat play as if the future depends on it — because it does. Play is our language, and we speak to our consumers authentically by representing the world as they see and imagine it. Mattel is a leading glob
Ternium
Ternium (NYSE:TX) is the largest steel producer in Latin America. With production centers in Argentina, Brazil, Colombia, the United States, Guatemala, and Mexico, Ternium has an extensive network of service and distribution centers in the continent, in addition to participating in the control group
Godrej Enterprises Group
Since 1897, Godrej Enterprises Group (which includes Godrej & Boyce and its affiliates) has contributed significantly to India’s economic growth and self-reliance by providing complex engineering, design led innovation, and sustainable manufacturing solutions. From the world’s first patented springl
Future Group India
About Working with Future Group gives you an opportunity to be part of a family with a unique culture and beliefs. Drawing from the vision of modern Indian retail, we have built a company that our people are proud of and our customers and communities value. Mission We share the vision and b
Colgate-Palmolive
Make More Smiles. We are Colgate-Palmolive, a caring, innovative growth company that is reimagining a healthier future for all people, their pets and our planet. For over 200 years, we've poured our care into creating a future where everyone has more reasons to smile. CP People develop, produce, dis
.png)
STIIIZY CyberSecurity News
June 30, 2025 01:58 PM
Class Action Lawsuit Attorneys Investigating Stiiizy Data Breach
Class action attorneys with Console Associates, P.C. indicated they are investigating the data breach that affected cannabis brand Stiiizy,...
April 18, 2025 07:00 AM
Inside Stiiizy, The World’s Best-Selling Weed Brand
James Kim's Los Angeles-based cannabis company grew from a scrappy startup in 2017 to a legal unicorn worth $1.5 billion.
February 25, 2025 08:00 AM
The Growing Cybersecurity Risks in the Cannabis Industry
Those familiar with the industry know that cannabis retailers find themselves in a unique position compared to other product retailers.
February 18, 2025 08:00 AM
Data Breach 2025: PowerSchool Breach, Stiiizy, NYBC, RUMC, Medusind, and More [Jan]
Data breaches, ransomware attacks, and leaks in January 2025 — from education to fintech, from cannabis stores to blood donation centers.
January 21, 2025 08:00 AM
MSP cybersecurity news digest, January 15, 2025
Newly discovered phishing campaign delivers XMRig cryptominer through fake CrowdStrike job offer emails, STIIIZY cannabis brand discloses...
January 17, 2025 08:00 AM
The Great Cannabis Hack—380,000 Pot Users Impacted By Attack
A Californian cannabis brand has confirmed that customer information was compromised following a data breach at a vendor—here's what 380000...
January 14, 2025 08:00 AM
Customer Data of Cannabis Brand Stiiizy Exposed in Data Breach
California-based cannabis brand Stiiizy said some customer identification information and transaction history from multiple California...
January 13, 2025 08:00 AM
Top cannabis brand Stiiizy says hackers got access to its systems
Stiiizy, a popular Los Angeles-based cannabis company, confirmed suffering a cyberattack in late 2024 in which it lost plenty of sensitive customer information.
January 13, 2025 08:00 AM
13th January – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 13th January, please download our Threat Intelligence Bulletin.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
STIIIZY CyberSecurity History Information
Official Website of STIIIZY
The official website of STIIIZY is https://www.stiiizy.com/.
STIIIZY’s AI-Generated Cybersecurity Score
According to Rankiteo, STIIIZY’s AI-generated cybersecurity score is 618, reflecting their Poor security posture.
How many security badges does STIIIZY’ have ?
According to Rankiteo, STIIIZY currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does STIIIZY have SOC 2 Type 1 certification ?
According to Rankiteo, STIIIZY is not certified under SOC 2 Type 1.
Does STIIIZY have SOC 2 Type 2 certification ?
According to Rankiteo, STIIIZY does not hold a SOC 2 Type 2 certification.
Does STIIIZY comply with GDPR ?
According to Rankiteo, STIIIZY is not listed as GDPR compliant.
Does STIIIZY have PCI DSS certification ?
According to Rankiteo, STIIIZY does not currently maintain PCI DSS compliance.
Does STIIIZY comply with HIPAA ?
According to Rankiteo, STIIIZY is not compliant with HIPAA regulations.
Does STIIIZY have ISO 27001 certification ?
According to Rankiteo,STIIIZY is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of STIIIZY
STIIIZY operates primarily in the Manufacturing industry.
Number of Employees at STIIIZY
STIIIZY employs approximately 684 people worldwide.
Subsidiaries Owned by STIIIZY
STIIIZY presently has no subsidiaries across any sectors.
STIIIZY’s LinkedIn Followers
STIIIZY’s official LinkedIn profile has approximately 33,760 followers.
NAICS Classification of STIIIZY
STIIIZY is classified under the NAICS code 30, which corresponds to Manufacturing.
STIIIZY’s Presence on Crunchbase
No, STIIIZY does not have a profile on Crunchbase.
STIIIZY’s Presence on LinkedIn
Yes, STIIIZY maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/stiiizy.
Cybersecurity Incidents Involving STIIIZY
As of December 13, 2025, Rankiteo reports that STIIIZY has experienced 2 cybersecurity incidents.
Number of Peer and Competitor Companies
STIIIZY has an estimated 7,851 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at STIIIZY ?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware and Breach.
Incident Details
Can you provide details on each incident ?
Title: STIIIZY Ransomware Attack by Everest Group
Description: STIIIZY, a cannabis dispensary, became a victim of the ransomware group Everest earlier in the year. Recently, the darknet leak site used by Everest to publish victim data was defaced and subsequently went offline, disrupting their operations. Although the nature and perpetrator of this defacement are undetermined, no affiliates have reported being scammed, and no law enforcement splash page has been associated with the incident. There are no specific details about the loss suffered by STIIIZY due to this incident, but the overall situation suggests it might have caused a reputational or potentially financial impact without direct evidence of significant data leaks.
Type: Ransomware
Threat Actor: Everest
Motivation: Financial
Title: Stiiizy, Inc. Data Breach
Description: The Maine Office of the Attorney General reported a data breach involving Stiiizy, Inc. on January 9, 2025. The breach occurred from October 10, 2024 to November 10, 2024, affecting approximately 380,000 individuals, including 212 residents in Maine, with compromised personal information such as names, addresses, and government-issued ID details. Identity theft protection services, including 12 months of credit monitoring, are being offered to those impacted.
Date Detected: 2025-01-09
Date Publicly Disclosed: 2025-01-09
Type: Data Breach
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Ransomware STI738040725
Brand Reputation Impact: Potential reputational impact
Incident : Data Breach STI142072725
Data Compromised: Names, Addresses, Government-issued id details
Identity Theft Risk: High
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Names, Addresses, Government-Issued Id Details and .
Which entities were affected by each incident ?
Incident : Ransomware STI738040725
Entity Name: STIIIZY
Entity Type: Cannabis Dispensary
Industry: Cannabis
Incident : Data Breach STI142072725
Entity Name: Stiiizy, Inc.
Entity Type: Company
Customers Affected: 380000
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach STI142072725
Type of Data Compromised: Names, Addresses, Government-issued id details
Number of Records Exposed: 380000
Sensitivity of Data: High
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : Ransomware STI738040725
Ransomware Strain: Everest
References
Where can I find more information about each incident ?
Incident : Data Breach STI142072725
Source: Maine Office of the Attorney General
Date Accessed: 2025-01-09
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Maine Office of the Attorney GeneralDate Accessed: 2025-01-09.
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Everest.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2025-01-09.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2025-01-09.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were names, addresses, government-issued ID details and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were names, addresses and government-issued ID details.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 380.0.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is Maine Office of the Attorney General.
.png)
Latest Global CVEs (Not Company-Specific)
Description
PCSX2 is a free and open-source PlayStation 2 (PS2) emulator. In versions 2.5.377 and below, an unchecked offset and size used in a memcpy operation inside PCSX2's CDVD SCMD 0x91 and SCMD 0x8F handlers allow a specially crafted disc image or ELF to cause an out-of-bounds read from emulator memory. Because the offset and size is controlled through MG header fields, a specially crafted ELF can read data beyond the bounds of mg_buffer and have it reflected back into emulated memory. This issue is fixed in version 2.5.378.
Risk Information
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Aircompressor is a library with ports of the Snappy, LZO, LZ4, and Zstandard compression algorithms to Java. In versions 3.3 and below, incorrect handling of malformed data in Java-based decompressor implementations for Snappy and LZ4 allow remote attackers to read previous buffer contents via crafted compressed input. With certain crafted compressed inputs, elements from the output buffer can end up in the uncompressed output, potentially leaking sensitive data. This is relevant for applications that reuse the same output buffer to uncompress multiple inputs. This can be the case of a web server that allocates a fix-sized buffer for performance purposes. There is similar vulnerability in GHSA-cmp6-m4wj-q63q. This issue is fixed in version 3.4.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A vulnerability was found in itsourcecode COVID Tracking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/?page=zone. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and could be used.
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A vulnerability has been found in itsourcecode COVID Tracking System 1.0. Affected is an unknown function of the file /admin/login.php of the component Admin Login. The manipulation of the argument Username leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A flaw has been found in campcodes Online Student Enrollment System 1.0. This impacts an unknown function of the file /admin/register.php. Executing manipulation of the argument photo can lead to unrestricted upload. The attack can be launched remotely. The exploit has been published and may be used.
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=stiiizy' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
