A breach in the Firearms Dashboard Portal released viable personal information
CALIFORNIA — Gun owners across California are feeling concerned after a data breach of the Firearms Dashboard Portal released viable personal information.
On June 27, the Firearms Dashboard Portal was breached, exposing the personal information of individuals who were granted or denied a concealed and carry weapons (CCW) permit between 2011 and 2021. Information exposed included names, date of birth, gender, race, driver’s license number, addresses, and criminal history.
Art Bridger, owner of Bridge Sportsman Center in Paso Robles, has heard concerns from customers on the breach.
“A lot of them are concerned about people knowing their private business,” said Bridge.
According to the California Department of Justice (DOJ) investigation social security numbers or any financial information were not disclosed as a result of this event. However, data from the following dashboards were also impacted: Assault Weapon Registry, Handguns Certified for Sale, Dealer Record of Sale, Firearm Safety Certificate, and Gun Violence Restraining Order dashboards.
The DOJ is investigating the extent to which any personally identifiable information could have been exposed from those dashboards and will report additional information as soon as confirmed.
In a recent statement, Attorney General Rob Bonta said, “This unauthorized release of personal information is unacceptable and falls far short of my expectations for this department.”
On the afternoon of June 27, DOJ posted updates to the Firearms Dashboard Portal. DOJ was made aware of a disclosure of personal information that was accessible in a spreadsheet on the portal. After DOJ learned of the data exposure, the department took steps to remove the information from public view and shut down the Firearms Dashboard yesterday morning. The dashboard and data were available for less than 24 hours.
However, many gun owners are skeptical and not surprised that something like this happened in California — a state working to increase gun laws and regulation.
“I think that it’s a serious mistake that they made,” Bridge said. “I don’t know how they are going to correct it now.”
Bonta says he immediately began an investigation into what cause the information to be leaked, adding, “We acknowledge the stress this may cause those individuals whose information was exposed. I am deeply disturbed and angered.”
The DOJ will notify individuals whose data was exposed and provide additional information and resources.
Working with local law enforcement, DOJ will provide support to those whose information was exposed. Their statement on the data breach included the following:
In an abundance of caution, the Department of Justice will provide credit monitoring services for individuals whose data was exposed as a result of this incident. DOJ will directly contact individuals who have been impacted by this incident and will provide instructions to sign up for this service.
Any Californian may take the following steps to immediately protect their information related to credit:
- Monitor your credit. One of the best ways to protect yourself from identity theft is to monitor your credit history. To obtain free copies of your credit reports from the three major credit bureaus go to annualcreditreport.com.
- Consider placing a free credit freeze on your credit report. Identity thieves will not be able to open a new credit account in your name while the freeze is in place. You can place a credit freeze by contacting each of the three major credit bureaus:
- Equifax: equifax.com/personal/credit-report-services/credit-freeze/; 888-766-0008
- Experian: experian.com/freeze/center.html; 888-397-3742
- TransUnion: transunion.com/credit-freeze; 800-680-7289
- Place a fraud alert on your credit report. A fraud alert helps protect you against the possibility of someone opening new credit accounts in your name. A fraud alert lasts 90 days and can be renewed. To post a fraud alert on your credit file, you must contact one of the three major credit reporting agencies listed above. Keep in mind that if place a fraud alert with any one of the three major credit reporting agencies, the alert will be automatically added by the other two agencies as well.
- Additional Resources. If you are a victim of identity theft, contact your local police department or sheriff’s office right away. You may also report identity theft and generate a recovery plan using the Federal Trade Commission’s website at identitytheft.gov. For more information and resources visit the Attorney General’s website at oag.ca.gov/idtheft.