The Future Is Here
We may earn a commission from links on this page

California Gun Owners Had Lots of Their Data Exposed by the State Government

A state website launched Monday for gun owners was supposed to “increase transparency and information sharing.” It certainly did!

Image for article titled California Gun Owners Had Lots of Their Data Exposed by the State Government
Photo: GEOFFROY VAN DER HASSELT / AFP (Getty Images)

A data breach at the California Department of Justice has spilled a wealth of data about the state’s gun owners onto the internet.

The breach, which involved a recently launched website—revealed a host of personal details, including gun owners’ names, birthdays, addresses, ages, the purchase date and type of firearm permit they possessed, and their Criminal Identification Index numbers, which are used to track state and federal criminal records (if they had any). Included in this trove were the identities of every concealed carry permit holder in the state—information that, by its very nature, is supposed to be secret. The data also apparently included information on whether carriers were judges or members of law enforcement.

Advertisement

“We are investigating an exposure of individuals’ personal information connected to the DOJ Firearms Dashboard,” said a statement from the DOJ’s office provided to The Trace. “Any unauthorized release of personal information is unacceptable. We are working swiftly to address this situation and will provide additional information as soon as possible.”

Advertisement

Tony Botti, public information officer with the Fresno County Sheriff’s Office, told Gizmodo that two California sheriffs had been using the recently launched dashboard when they discovered the exposed information and reported the breach to the California State Sheriff’s Association (CSSA), which subsequently informed the California Department of Justice.

Advertisement

In a statement, the Fresno Sheriff’s office also noted that “portions of private information [from the breach] may have been posted on social media websites” and that it is “unknown exactly how much time the information was accessible.”

New, Bad, Vulnerable Dashboard

The 2022 Firearms Dashboard Portal, which the DOJ launched on Monday, was supposed to “increase transparency and information sharing,” according to an associated press release. It certainly did that! While the site was supposed to provide aggregated (presumably anonymous) data about gun transactions and ownership across the state, visitors to the site quickly realized that the personal information of individual gun owners had been exposed. It’s unclear why the information was visible.

Advertisement

Not long after the breach was discovered, the government took down the dashboard. A visit to the website on Wednesday showed that it is still down:

Image for article titled California Gun Owners Had Lots of Their Data Exposed by the State Government
Screenshot: Lucas Ropek/California DOJ
Advertisement

Gizmodo reached out to the California Attorney General’s Office for more information about the data breach and will update this story if they respond.

Conspiracy Theories Abound

Predictably, the data breach has already stirred paranoia and conspiratorial thinking on the part of gun owners. Many have used the term “dox” to describe the data breach, seeming to imply that the information had been leaked on purpose as some sort of liberal revenge for gun owners’ recent Supreme Court victory.

Advertisement

“Vindictive sore loser bureaucrats have endangered people’s lives and invited conflict by illegally releasing confidential private information,” Chuck Michel, President of the California Rifle & Pistol Association, told The Reload. “CRPA is working with several legislators and sheriffs to determine the extent of the damage caused by DOJ’s doxing of law abiding gun owners. Litigation is likely.”

Meanwhile, on social media, apparent gun owners shared their displeasure and seemed to let their wildest imaginative scenarios run wild:

Advertisement
Image for article titled California Gun Owners Had Lots of Their Data Exposed by the State Government
Screenshot: Lucas Ropek/Twitter

Listen, I’m always game for a fun conspiracy theory but anybody familiar with state government knows that bureaucrats are not known for their technological prowess or their attention to website security. Just look at the scandal involving Missouri governor Mike Parson, who recently left 100,000 public employee social security numbers exposed on a website, then tried to blame it all on the journalist who discovered the data breach. In short: governments screw up digital security often, and this seems like a pretty big screw up.