Private info of all California concealed-carry permit holders exposed in California DOJ data breach

Authorities reported on June 28, that a major data breach has exposed the sensitive information of every person with a California permit to carry a concealed weapon.

The California Department of Justice has been hit by the data breach as part of the launch of its 2022 Firearms Dashboard Portal, according to the Fresno County Sheriff's Office, which said it was informed of the leak Tuesday by the California State Sheriffs' Assn.

The Sheriff's Office said in a statement:

This public site allows access to certain information, however, personal information of concealed carry weapon permit holders is not supposed to be visible.This includes, but is not limited to a person's name, age, address, Criminal Identification Index number and license type (Standard, Judicial, Reserve and Custodial).

The data security incident impacted all concealed weapons permit holders in California, according to the Sheriff's Office.

Justice Department officials pulled down the dashboard site along with all related links after learning of the breach, but it is possible that some private information was posted elsewhere online.

California Atty. Gen. Rob Bonta's office told law enforcement it is "working with urgency" to determine the breach's scope and plans to contact permit holders to directly advise them. Bonta's office will institute a program to mitigate harm or damages that permit holders suffer as a result of the data security incident.

In the same time, the Vice Society ransomware group has claimed responsibility for last week's hacker attack against the Medical University of Innsbruck, which caused IT service disruption and the data breach. The research university has 3,400 students and 2,200 employees and offers extensive medical care services, including surgeries.