California Department of Justice Alerts Those Affected by Exposure of Personal Information from Gun Dashboard 2022 | State of California – Department of Justice
SACRAMENTO – The California Department of Justice announced that personal information was disclosed as part of the June 27, 2022 update to its Firearms Dashboard portal. Based on the Department’s ongoing investigation, the incident revealed the personal information of individuals who were granted or denied Concealment and Carrying Weapons (CCW) permits between 2011 and 2021. The information exposed included names, date of birth, gender, race, driver’s license number, addresses and criminal history. Social security numbers or any financial information were not released following this event. In addition, data for the following dashboards has also been affected: Assault Weapons Registry, Handguns Certified for Sale, Dealer Sales Registry, Firearms Certificate Security, and Orders Dashboards restriction of armed violence. The DOJ is investigating the extent to which personally identifiable information may have been exposed from these dashboards and will release additional information as it is confirmed.
“This unauthorized disclosure of personal information is unacceptable and falls far short of my expectations for this department,” said Attorney General Rob Bonta. “I immediately launched an investigation into how this happened at the California Department of Justice and will take strong corrective action if necessary. The California Department of Justice is responsible for protecting Californians and their data. We recognize the stress this may cause to those whose information has been exposed.I am deeply troubled and angry.
On the afternoon of June 27, 2022, the DOJ posted updates to the Guns Dashboard Portal. The DOJ became aware of a disclosure of personal information that was accessible in a spreadsheet on the portal. After the DOJ learned of the data exposure, the department took steps to remove the information from public view and shut down the gun dashboard yesterday morning. Dashboard and data were available for less than 24 hours.
In the coming days, the Department will notify those whose data has been exposed and provide additional information and resources. California law requires a company or state agency to notify any California resident whose unencrypted personal information, as defined, has been acquired or reasonably suspected to have been acquired by an unauthorized person.
The DOJ asks anyone who has accessed this information to respect the privacy of those affected and not to share or disseminate any personal information. Additionally, possession or use of personally identifiable information for unlawful purposes may constitute a crime. (See California Penal Code, Section 530.5.)
We communicate with law enforcement partners throughout the state. In collaboration, we will provide support to those whose information has been exposed.
In an abundance of caution, the Department of Justice will provide credit monitoring services to individuals whose data has been exposed as a result of this incident. The DOJ will contact individuals who have been affected by this incident directly and provide instructions for registering for this service.
Any Californian can take the following steps to immediately protect their credit information:
- Watch your credit. One of the best ways to protect yourself against identity theft is to monitor your credit history. To get free copies of your credit reports from the three major credit bureaus, go to https://www.annualcreditreport.com.
- Consider placing a free credit freeze on your credit report. Identity thieves will not be able to open a new credit account in your name while the freeze is in place. You can place a credit freeze by contacting each of the three major credit bureaus:
- Place a fraud alert on your credit report. A fraud alert protects you against the possibility of someone opening new credit accounts in your name. A fraud alert lasts 90 days and can be renewed. To post a fraud alert on your credit report, you must contact one of the three major credit reporting agencies listed above. Keep in mind that if you place a fraud alert with one of the three major credit bureaus, the alert will also be automatically added by the other two agencies.
- Additional Resources. If you are a victim of identity theft, contact your local police department or sheriff’s office immediately. You can also report identity theft and generate a recovery plan using the Federal Trade Commission’s website at identitytheft.gov. For more information and resources, visit the Attorney General’s website at oag.ca.gov/idtheft.