California Gun Ownership Database Breach, June 2022
Date: June, 2022The California Gun Ownership Database was put in place to record essential data on gun owners across California. It is maintained by the Department of Justice and Bureau of Firearms of the state of California.
What Was the Breach?
The California Attorney General is taking heat from media across the Golden State after errantly providing digital miscreants access to highly sensitive information about gun owners. The state of California appears to have rushed the public debut of an information portal, failing to secure gun ownership-related information properly. The oversight appears to have empowered criminals, providing a golden opportunity to steal the information and use it to commit financial fraud, perform identity theft, etc.
How Did the Breach Occur?
An improperly configured or poorly secured dashboard appears to be the core of the problem. Initial reports indicate that the California Attorney General’s office failed to upload the proper dashboard, ultimately creating an avenue for data access and theft.
The dashboard in question is a 2022 Firearms Dashboard Portal. The portal went public earlier this summer with files that are publicly accessible yet contain sensitive information about those who hold firearm concealed carry permits.
When Did This Breach Occur?
This breach occurred in June 2022.
Who Does the Breach Impact?
The data leak reveals the type of gun permits issued to California Residents. The leaked data also reveals the status of the gun owners regarding whether they are employed as police officers, judges, or regular citizens.
How Many Files Does the Breach Affect?
The breach impacts nearly 3,000 individuals throughout Los Angeles County. The affected individuals are gun owners with standard licenses. The database accessed in the breach contained some duplicate entries. According to local news outlets, nearly 250 judge permits were contained within the illegally accessed database.
The files in question include gun owners’ full names, street addresses, birthdates, and additional information. Hackers also accessed similar information for more than half a dozen custodial officers, 400+ reserve officers, and 63 individuals with an employment permit in the attack.
Recent Breaches
Cisco Duo Breach
Cisco Duo is an access security provider that offers solutions for small business and commercial control products, including multi-factor authentication (MFA), single sign-on, and access control services....
AT&T Breach
American Telephone and Telegraph Company (AT&T) is the fourth-largest telecommunications provider, behind Verizon, Comcast, and China’s state-funded communications solution...
Fujitsu Limited Breach
Fujitsu Limited is the world’s sixth-largest IT service provider. Based in the Minato City ward of Tokyo, Japan, Fujitsu offers various technology solutions for personal and commercial use...
Cybersecurity and Infrastructure Security Agency Breach
The CISA collaborates with other government agencies to notify victims of breaches and respond to threats. These include the Federal Bureau of Investigation, the Multi-State Information Sharing & Analysis...
Roku Inc. Breach
Roku is a global streaming and entertainment organization. It offers solutions for direct streaming, live channels, music, niche channel entertainment, smart home devices, travel technology, audio options,...