The California gun data breach was inadvertent

Read Time:3 Minute, 28 Second

The California Department of Justice mistakenly posted the names, addresses and birthdays of nearly 200,000 gun owners online because officials didn’t follow policy and didn’t understand how to operate their website, according to an investigation released Wednesday.

That’s according to an investigation by a third-party law firm hired by the California Department of Justice personal information for 192,000 people was downloaded 2,734 times from 507 unique IP addresses over a roughly 12-hour period in late June. All of these people applied for concealed carry permits.

“The Department of Justice’s wrongful disclosure of sensitive personal data, while unacceptable, was unintentional and not related to any nefarious purpose,” the investigators wrote in their report.

According to Chuck Michell, an attorney and president of the California Rifle and Pistol Association, the intentional breach of personal information carries stiffer fines and penalties under California law. Michel said his group is preparing a class-action lawsuit against the state.

“There are a lot of gaps and unanswered questions, possibly intentional, and some twists and turns in this whole idea of ​​whether or not this was a deliberate release,” he said. – This is not the end of the investigation.”

The release of data for the summer took place shortly after US Supreme Court ruled against New York’s requirement that people must provide a reason to carry a concealed weapon. California has similar requirements, and efforts to change it after a court decision failed earlier this year.

Michel said the leaked data contained information about judges, law enforcement officers and victims of domestic violence who sought gun permits.

California Department of Justice officials were unaware of the breach until someone sent Attorney General Rob Bont a private message on Twitter that included screenshots of personal information that could be downloaded from a state website, the investigation said.

State officials initially thought the report was a hoax. Two unnamed employees — identified only as “Data Analyst 1” and “Research Center Director” — conducted an investigation and falsely assured everyone that personal information was not publicly available.

Meanwhile, the website crashed because so many people were trying to upload data. Another group of government officials worked to bring the website back online, unaware of the data breach. At approximately 9:30 p.m., they reopened the website with personal information ready for download.

State officials took the website down until about noon the next day. By that time, the information had already been downloaded thousands of times.

State officials thought they were providing anonymous information in the aggregate for research and media inquiries about gun use in California. But the employee who created the website included several data sets that contained personal information.

Investigators found that no one—neither the employee who collected the data nor the officials who supervised the employee—knew the proper security settings to prevent the data from being accessed for public download.

“This was more than a data breach, it was a breach of trust that fell short of my expectations and the expectations of Californians for our department,” Bonta, the attorney general, said in a news release. “I remain deeply angered that this incident occurred and offer my deepest apologies on behalf of the Department of Justice to those affected.”

Other information was also erroneously published, including data from firearms safety certificates, dealer sales records and the state’s assault weapons registry. The data included the birth dates, gender and driver’s license numbers of more than 2 million people and 8.7 million gun transactions. But investigators said there wasn’t enough information in those data sets to identify anyone.

Investigators recommended that government officials do more training and planning, including reviewing and updating policies and procedures.

“This failure requires immediate remediation, so we are following all the recommendations of this independent report,” Bonto said.

Source by [author_name]

Happy
Happy
0 %
Sad
Sad
0 %
Excited
Excited
0 %
Sleepy
Sleepy
0 %
Angry
Angry
0 %
Surprise
Surprise
0 %
Previous post The trial for the rape of actor Danny Masterson has been announced
Next post The MP posed as a teenager on the Internet to extort a girl