California DOJ apologizes for ‘unacceptable’ breach involving Firearms Dashboard
California’s Justice Department admitted this week that personal information was leaked after it debuted a new version of its Firearms Dashboard Portal.
The state’s Department of Justice on Monday relaunched the portal, which allows the public to see some information about the firearms owned in the state. But it was taken down the following day because it exposed the personal information of anyone who was granted or denied a concealed and carry weapons permit between 2011-2021, said Attorney General Rob Bonta.
This included names, date of birth, gender, race, driver’s license number, addresses, and criminal history. The California DOJ added that information from the Assault Weapon Registry, Handguns Certified for Sale, Dealer Record of Sale, Firearm Certificate Safety, and Gun Violence Restraining Order dashboards was also leaked.
Bonta said the department is still investigating how exposed the information was. The department did not respond to requests for comment about how many people were affected by the breach.
“This unauthorized release of personal information is unacceptable and falls far short of my expectations for this department,” Bonta said.
“I immediately launched an investigation into how this occurred at the California Department of Justice and will take strong corrective measures where necessary. The California Department of Justice is entrusted to protect Californians and their data. We acknowledge the stress this may cause those individuals whose information was exposed. I am deeply disturbed and angered.”
The breach was first announced by the Fresno County Sheriff's Office, which claimed the California State Sheriff’s Association (CSSA) notified them of the breach. Neither organization responded to requests for comment about the situation.
The Fresno County Sheriff's Office explained in a Facebook post that the California DOJ pulled down the dashboard site along with all related links after learning about the breach.
“However, portions of private information may have been posted on social media websites. It is unknown exactly how much time the information was accessible,” the office said.
“The State Attorney General’s Office has stated it is working with urgency to determine the scope of the breach. It plans to contact CCW holders directly to advise them of the breach and will institute a program to reduce any harm or damages to CCW holders that resulted from the breach.”
They urged anyone who had their information compromised to file a report online through their website.
The California DOJ said the portal was available for “less than 24 hours” and asked anyone who saw the information not to share it.
The department is coordinating with law enforcement agencies across the state and is offering credit monitoring services to anyone who had their data exposed.
Jonathan Greig is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.