SACRAMENTO, Calif. (KERO) — The California Department of Justice on Wednesday acknowledged the agency wrongly made public the personal information of perhaps hundreds of thousands of gun owners in up to six state-operated databases, a broader exposure than the agency initially disclosed a day earlier.
Rob Bonta, the Democrat who heads the agency and is running for reelection in November, said he was “deeply disturbed and angered” by the failure to protect the information his department is entrusted to keep. He ordered an investigation and promised to fix any problems.
“This unauthorized release of personal information is unacceptable and falls far short of my expectations for this department,” he said.
The California Rifle and Pistol Association noted that the release came days after the U.S. Supreme Court threw out New York’s requirement that those seeking to carry concealed weapons provide a reason. That also derailed California’s similar requirement, though state lawmakers and Bonta are working to impose new requirements.
The association said the “unconscionable” release included information on law enforcement officials including judges, as well as others who had sought permits “like rape and domestic violence victims.”
Names, dates of birth, gender, race, driver’s license numbers, addresses and criminal histories were exposed for people who were granted or denied permits to carry concealed weapons between 2011 and 2021, the department said. Social Security numbers and financial information were not disclosed.
In addition, the state’s Assault Weapon Registry, Handguns Certified for Sale, Dealer Record of Sale, Firearm Certificate Safety and Gun Violence Restraining Order dashboards were affected, the department said. Officials said were investigating the extent to which personal information was exposed in those databases.
The information on concealed carry permits was publicly available on a spreadsheet for less than 24 hours, officials said, from the time the department updated its Firearms Dashboard Portal on Monday afternoon until it shut down the website Tuesday morning.
“It is infuriating that people who have been complying with the law have been put at risk by this breach,” said Butte County Sheriff Kory Honea, president of the California State Sheriffs’ Association. He said sheriffs are concerned about the risk it poses to permit holders.
Bonta’s office could not immediately say how many individuals are in each database, whether the data was downloaded and how often, and when the public website would be restored. California officials issued about 40,000 conceal and carry permits last year, down from more than 100,000 during the peak year of 2016, according to information on the state Department of Justice’s website.
Republican state Sen. Brian Dahle, who is running for governor against Democratic Gov. Gavin Newsom, said many of the women who seek to carry concealed weapons “do so because they fear for their lives and safety. Consequently, those women will now have to worry that the person they least wanted to see again may have just been given their address by this careless act of bureaucratic idiocy.”
Bonta said he immediately began an investigation into how the release occurred “and will take strong corrective measures where necessary.”
He said he is aware of the stress the release may cause, and the department will notify people whose information was exposed. It will also provide credit monitoring services for those individuals.
From the California Department of Justice: Any Californian may take the following steps to immediately protect their information related to credit:
- Monitor your credit. One of the best ways to protect yourself from identity theft is to monitor your credit history. To obtain free copies of your credit reports from the three major credit bureaus go to https://www.annualcreditreport.com.
- Consider placing a free credit freeze on your credit report. Identity thieves will not be able to open a new credit account in your name while the freeze is in place. You can place a credit freeze by contacting each of the three major credit bureaus:
- Equifax: https://www.equifax.com/personal/credit-report-services/credit-freeze/; 888-766-0008
- Experian: https://www.experian.com/freeze/center.html; 888-397-3742
- TransUnion: https://www.transunion.com/credit-freeze; 800-680-7289
- Place a fraud alert on your credit report. A fraud alert helps protect you against the possibility of someone opening new credit accounts in your name. A fraud alert lasts 90 days and can be renewed. To post a fraud alert on your credit file, you must contact one of the three major credit reporting agencies listed above. Keep in mind that if place a fraud alert with any one of the three major credit reporting agencies, the alert will be automatically added by the other two agencies as well.
- Additional Resources. If you are a victim of identity theft, contact your local police department or sheriff’s office right away. You may also report identity theft and generate a recovery plan using the Federal Trade Commission’s website at identitytheft.gov. For more information and resources visit the Attorney General’s website at oag.ca.gov/idtheft.