The California Department of Justice experienced a data breach on **June 27, 2022**, involving the unauthorized disclosure of sensitive personal information. The incident primarily affected approximately **100 individuals** holding **concealed carry weapons (CCW) permits**. The exposed data included **names, dates of birth, residential addresses, and CCW license numbers**—information that, if misused, could pose significant privacy and security risks to the affected individuals. The breach raises concerns about potential **identity theft, targeted harassment, or physical safety threats** for permit holders, given the sensitive nature of the leaked data. While the exact cause of the breach (e.g., insider threat, system vulnerability, or external cyberattack) was not specified in the report, the exposure of such regulated information underscores critical lapses in data protection protocols within a **government law enforcement agency**. The incident highlights the broader implications of **mishandling firearm-related records**, which are subject to strict confidentiality laws in many jurisdictions. The breach not only erodes public trust in the agency’s ability to safeguard sensitive data but also may lead to **legal repercussions, reputational damage, and heightened scrutiny** over its cybersecurity practices.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-555783
TPRM report: https://www.rankiteo.com/company/california-department-of-justice
"id": "cal547091725",
"linkid": "california-department-of-justice",
"type": "Breach",
"date": "6/2022",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '100',
'industry': 'Law Enforcement / Public Safety',
'location': 'California, USA',
'name': 'California Department of Justice',
'type': 'Government Agency'}],
'data_breach': {'data_exfiltration': 'Yes (unauthorized release)',
'number_of_records_exposed': '100',
'personally_identifiable_information': ['Full Names',
'Dates of Birth',
'Physical Addresses',
'CCW License Numbers'],
'sensitivity_of_data': 'High (includes names, DOBs, '
'addresses, and CCW license numbers)',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'License/Permit Data']},
'date_detected': '2022-06-27',
'date_publicly_disclosed': '2022-06-27',
'description': 'The California Department of Justice reported a data breach '
'involving the unauthorized release of personal information '
'primarily related to individuals with concealed carry weapons '
'(CCW) permits. Exposed data included names, dates of birth, '
'addresses, and CCW license numbers, affecting approximately '
'100 individuals.',
'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
'exposure of sensitive permit holder '
'data',
'data_compromised': ['names',
'dates of birth',
'addresses',
'CCW license numbers'],
'identity_theft_risk': 'High (due to exposure of PII including '
'names, DOBs, and addresses)'},
'references': [{'date_accessed': '2022-06-27',
'source': 'California Department of Justice Public '
'Disclosure'}],
'title': 'California Department of Justice CCW Permit Data Breach',
'type': 'Data Breach'}