California Sheriffs Issue Public Alert Following DOJ Data Breach of CCW Permit Holders

A data breach by the California Department of Justice (DOJ) that has made public the personal information of California’s citizen concealed weapon (CCW) permit holders has alarmed the California State Sheriffs’ Association (CSSA).

The California Department of Justice announced that personal information was disclosed in connection with the June 27 update of its Firearms Dashboard Portal. Based on the Department’s current investigation, the incident exposed the personal information of individuals who were granted or denied a concealed and carry weapons (CCW) permit between 2011-2021.

Information exposed included names, date of birth, gender, race, driver’s license number, addresses, and criminal history. Social Security numbers or any financial information were not disclosed as a result of this event. Additionally, data from the following dashboards were also impacted: Assault Weapon Registry, Handguns Certified for Sale, Dealer Record of Sale, Firearm Safety Certificate, and Gun Violence Restraining Order dashboards.

DOJ is investigating the extent to which any personally identifiable information could have been exposed from those dashboards and will report additional information as soon as confirmed.

“This unauthorized release of personal information is unacceptable and falls far short of my expectations for this department,” Attorney General Rob Bonta said. “I immediately launched an investigation into how this occurred at the California Department of Justice and will take strong corrective measures where necessary. The California Department of Justice is entrusted to protect Californians and their data. We acknowledge the stress this may cause those individuals whose information was exposed. I am deeply disturbed and angered.”

CSSA on Wednesday issued an alert to make CCW permit holders aware of the situation so they can take appropriate precautions.

“It is infuriating that people who have been complying with the law have been put at risk by this breach,” CSSA President and Butte County Sheriff Kory Honea said in a prepared statement “California’s sheriffs are very concerned about this data breach and the risk it poses to California’s CCW permit holders.”

CSSA will continue to engage with DOJ in an effort to ensure that the risk to CCW permit holders is mitigated and a breach of this nature does not happen again.

Every law enforcement agency in California that issues CCW permits is required by law to provide certain information about CCW permit holders to DOJ, which in turn is required to safeguard that information. The data breach was in conjunction with DOJ’s launch of its “2022 Firearms Dashboard Portal.” The breach included, but was not limited to, the names, ages, and addresses of individuals who hold CCW permits in California. It appears that before the breach was detected by DOJ, the information was copied and at least some portion of it was posted on the internet.

After learning of the breach, CSSA President and Butte County Sheriff Kory Honea contacted DOJ officials. During that conversation DOJ confirmed there was a data breach involving CCW permit holder information. DOJ advised it has deactivated the dashboard and is working to determine the scope of the breach. DOJ stated it would be contacting all CCW permit holders directly to advise them of the breach and will institute a program to mitigate any harm or damages to CCW holders that result from the breach.

DOJ has issued a statement regarding this situation that can be accessed here:

Image Sources

  • Concealed Carry Weapon: Shutterstock