News|Industry News By Drew BryantJune 30th, 2022, theloadoutblog.com On Monday, a massive data leak exposed the personal information of California residents who applied for, received, or were denied a concealed […]
By Drew Bryant
June 30th, 2022, theloadoutblog.com
On Monday, a massive data leak exposed the personal information of California residents who applied for, received, or were denied a concealed carry permit over the last ten years. The personal information was available for concealed carry permit applicants from 2011-2021, according to the California Department of Justice (DOJ). This information was unlawfully disclosed online during an website update by California’s DOJ and the private information was made available online for less than 24 hours.
The update was to California’s 2022 Firearm Dashboard Portal. This portal allows for the general public to search for: Dealer Record of Sales, Gun Violence Restraining Orders, Concealed Carry Permits, Assault Weapons, Firearm Safety Certificates, and the Roster of Certified handguns. Personal identifying information of the individual was to be protected in this collected data, according to the California’s DOJ.
The California DOJ writes:
DOJ seeks to balance its duties to provide gun violence and firearms data to support research efforts while protecting the personal identifying information in the data the Department collects and maintains.
This data leak, could potentially put hundreds of thousands of residents information at risk in the state of California. The information included names, birthdates, addresses, driver’s license numbers, and criminal histories. Social security numbers and financial information was released during this breach of information.
The five additional state operated databases were also compromised during this website update. The compromised databases include but not limited to the Domestic Violence Restraining Order, Assault Weapon Registry, and Safety Certificates. The Californian DOJ does not express to what lengths this personal data was compromised or what information was made visible to the general public.
In a press release, California Attorney General Rob Bonta and the Department of Justice are launching an internal investigation into how the data leak could have occurred. Within that press release he discusses what private information was compromised by the leak and his dissatisfaction in the information being made public.
“This unauthorized release of personal information is unacceptable and falls far short of my expectations for this department, AG Rob Bonta said in a statement.
The office of AG Rob Bonta did not immediate respond to questions from the press on an estimate on how many California residents were affected by this breach. Roughly, 40,000 CCW permits were issued last year. At its peak in 2016 permit approvals reached over 100,000 CCW permits were issued, according to California’s DOJ.
The California Rifle and Pistol Association (CRPA) called the data leak, “a privacy breach of stunning proportions.” The CPRA demanded that the California DOJ not to restore the dashboard until it is certain that no private information can be accessed.
Leaked data puts thousands of people at risk, including judges, prosecutors and law enforcement officers, said the firearms group, which called the breach “a massive violation of California law.”
The CRPA has reached out to their attorneys to explore all options including litigation to protect the privacy of Californian gun owners. While investigating all legal avenues the CRPA demands an independent investigation into the data leak of information. The Association is expecting the DOJ to act promptly, “to be completely transparent about what occurred [and] take all steps necessary to limit the damage.”
Below, is the press release from AG Rob Bonta on the data leak that occurred.
The California Department of Justice has announced that personal information was disclosed in connection with the June 27, 2022 update of its Firearms Dashboard Portal. Based on the Department’s current investigation, the incident exposed the personal information of individuals who were granted or denied a concealed and carry weapons (CCW) permit between 2011-2021. Information exposed included names, date of birth, gender, race, driver’s license number, addresses, and criminal history. Social Security numbers or any financial information were not disclosed as a result of this event. Additionally, data from the following dashboards were also impacted: Assault Weapon Registry, Handguns Certified for Sale, Dealer Record of Sale, Firearm Safety Certificate, and Gun Violence Restraining Order dashboards. DOJ is investigating the extent to which any personally identifiable information could have been exposed from those dashboards and will report additional information as soon as confirmed.
“This unauthorized release of personal information is unacceptable and falls far short of my expectations for this department,” said Attorney General Rob Bonta. “I immediately launched an investigation into how this occurred at the California Department of Justice and will take strong corrective measures where necessary. The California Department of Justice is entrusted to protect Californians and their data. We acknowledge the stress this may cause those individuals whose information was exposed. I am deeply disturbed and angered.”
On the afternoon of June 27, 2022, DOJ posted updates to the Firearms Dashboard Portal. DOJ was made aware of a disclosure of personal information that was accessible in a spreadsheet on the portal. After DOJ learned of the data exposure, the department took steps to remove the information from public view and shut down the Firearms Dashboard yesterday morning. The dashboard and data were available for less than 24 hours.
In the coming days, the Department will notify those individuals whose data was exposed and provide additional information and resources. California law requires a business or state agency to notify any California resident whose unencrypted personal information, as defined, was acquired, or reasonably believed to have been acquired, by an unauthorized person.
DOJ asks that anyone who accessed such information respect the privacy of the individuals involved and not share or disseminate any of the personal information. In addition, possession of or use of personal identifying information for an unlawful purpose may be a crime. (See Cal Penal Code Sec. 530.5.)
We are communicating with law enforcement partners throughout the state. In collaboration, we will provide support to those whose information has been exposed.
In an abundance of caution, the Department of Justice will provide credit monitoring services for individuals whose data was exposed as a result of this incident. DOJ will directly contact individuals who have been impacted by this incident and will provide instructions to sign up for this service.
Any Californian may take the following steps to immediately protect their information related to credit:
Monitor your credit. One of the best ways to protect yourself from identity theft is to monitor your credit history. To obtain free copies of your credit reports from the three major credit bureaus go to https://www.annualcreditreport.com.
Consider placing a free credit freeze on your credit report. Identity thieves will not be able to open a new credit account in your name while the freeze is in place. You can place a credit freeze by contacting each of the three major credit bureaus:
Equifax: https://www.equifax.com/personal/credit-report-services/credit-freeze/; 888-766-0008
Experian: https://www.experian.com/freeze/center.html; 888-397-3742
TransUnion: https://www.transunion.com/credit-freeze; 800-680-7289
Place a fraud alert on your credit report. A fraud alert helps protect you against the possibility of someone opening new credit accounts in your name. A fraud alert lasts 90 days and can be renewed. To post a fraud alert on your credit file, you must contact one of the three major credit reporting agencies listed above. Keep in mind that if place a fraud alert with any one of the three major credit reporting agencies, the alert will be automatically added by the other two agencies as well.
Additional Resources. If you are a victim of identity theft, contact your local police department or sheriff’s office right away. You may also report identity theft and generate a recovery plan using the Federal Trade Commission’s website at identitytheft.gov. For more information and resources visit the Attorney General’s website at oag.ca.gov/idtheft.
Thanks For Reading
If you enjoyed this post, hit that like button, share it a friend, and subscribe. If you have any suggestions, ideas, or comments. Please feel free to drop a comment. Be Humble. Train until only savagery remains and stay deadly ladies and gents.