The California Department of Justice has confirmed a data breach of personal information of more than 200,000 Concealed Carry Weapon (CCW) permit holders across the state.
The information was disclosed in connection with the June 27, 2022 update of the DOJ’s Firearms Dashboard Portal.
The DOJ says the incident exposed the personal information of individuals who were granted or denied a concealed and carry weapons permit between 2011-2021. The information disclosed includes full name, date of birth, address, gender, race, CCW license number, California Information Index number (which is automatically generated during a fingerprint check for a CCW or for another purpose), and other government-issued identifiers. In some cases, exposed information may also include driver’s license number, and internal codes corresponding to the statutory reason that a person is prohibited from possessing a firearm. Social Security numbers and financial information were not disclosed as a result of this event.
Additionally, the DOJ is investigating the extent to which any personally identifiable information could have been exposed from the following dashboards: Assault Weapon Registry, Dealer Record of Sale, Firearm Certification System, and Gun Violence Restraining Order dashboards. No personal information was disclosed from the Handguns Certified for Sale file.
This is private information and was not supposed to be visible to the public.
“This unauthorized release of personal information is unacceptable and falls far short of my expectations for this department,” said California Attorney General Rob Bonta in a news release. “I immediately launched an investigation into how this occurred at the California Department of Justice and will take strong corrective measures where necessary. The California Department of Justice is entrusted to protect Californians and their data. We acknowledge the stress this may cause those individuals whose information was exposed. I am deeply disturbed and angered.”
The DO immediately shut down the portal upon notification of the breach, However, some CCW holders may have already had their personal information compromised.
The DOJ will notify those individuals whose data was exposed and provide additional information and resources. California law requires a business or state agency to notify any California resident whose unencrypted personal information, as defined, was acquired, or reasonably believed to have been acquired, by an unauthorized person.
In an abundance of caution, the DOJ says it will provide credit monitoring services for individuals whose data was exposed as a result of this incident. against the possibility of someone opening new credit accounts in your name.
The Morro Bay Police Department has been informed of the data breach and urges anyone with questions to contact the Department of Justice at (916) 210-6276 or call their toll-free number (800) 952-5225.
Readers that think their personal information may have been obtained through this breach, can file a report online with the Department of Justice, or contact MBPD at (805) 772-6225.