California AG office's leak of gun owner info even worse than originally admitted

AP Photo/Jae C. Hong

The data leak from California Attorney General Rob Bonta’s office, originally reported to have been limited to the private and personal details of concealed carry permitees in the state, was far more extensive than his office first admitted.

Yesterday afternoon Bonta’s office acknowledged that in addition to the concealed carry records, which included the full names, home addresses, and drivers license numbers of all those who had applied for a concealed carry permit (not just those who were approved), other databases run by the AG’s office were also open and available to download for an unspecified amount of time this week.

On Wednesday, it was revealed that the exposures also extended to the Assault Weapon Registry, Handguns Certified for Sale, Dealer Record of Sale, Firearm Certificate Safety, and Gun Violence Restraining Order dashboards.

“This unauthorized release of personal information is unacceptable and falls far short of my expectations for this department,” said Attorney General Rob Bonta.

Bonta has launched an investigation into the data breach.

The DOJ shut down parts of its website once it learned about the breach.

“It’s concerning anytime information that specific is released to the public,” says Fresno County Sheriff Margaret Mims. “Of course, what we tell the public all the time is to protect your personal information.”

Mims says it’s also important for these gun owners to make sure their home is secure since home addresses were part of the breach.

Yeah, thanks to the “unauthorized release of personal information” the AG’s office has provided a shopping list for criminals who are looking to steal guns and ammunition, as well putting who knows how many gun owners at risk of being targeted by abusive ex-partners or criminal defendants who appeared before one of the hundreds of judges whose personal info was made available online. This is really bad, but Bonta, despite saying he’s “angry and deeply disturbed” by the data leak, seems to be fairly nonplussed about the fact that his office has, in essence, doxxed hundreds of thousands of Californians.

According to the Los Angeles Times, the leaked information amounts to an entire decade’s worth of data on gun owners and those who applied for a concealed carry permit.

The California State Sheriffs’ Assn. said it was “alarmed” to learn of the breach.

“It is infuriating that people who have been complying with the law have been put at risk by this breach,” said Butte County Sheriff Kory Honea, the association’s president. “California’s sheriffs are very concerned about this data breach and the risk it poses to California’s CCW permit holders.”

All California law enforcement agencies that issue concealed-carry permits are required to provide “certain information” about permit holders to the Justice Department, “which in turn is required to safeguard that information,” according to a statement by the sheriffs’ association.

“It appears that before the breach was detected by DOJ, the information was copied and at least some portion of it was posted on the internet,” the statement said.

Justice Department officials said the data were exposed for less than 24 hours.

The department had posted updates to the portal Monday afternoon and was later made aware “of a disclosure of personal information that was accessible in a spreadsheet on the portal,” the agency’s statement said. Officials removed the information from public view and shut down the firearms dashboard Tuesday morning.

So far the only recourse offered by the AG’s office for those whose personal information was exposed has been credit monitoring to protect against identity thieves. What about the actual thieves who now have the names and addresses of local gun owners in their areas thanks to the downloading and dissemination of this data? Will Bonta be offering any protection against those criminals?

It shouldn’t even be up to Bonta, honestly, because he should resign in disgrace over what the California Rifle & Pistol Association is calling a “massive violation of California law.”

The CRPA has put together a an updated timeline of the data leak as well as all new information that’s become available and a link for prospective plaintiffs to join any lawsuit filed by the 2A group in response to the AG’s exposure of their personal information. I would encourage every California gun owner to get involved in this effort, as well as encouraging those of us who thankfully don’t have to live under the state’s anti-Second Amendment regime to kick in some cash to the state-level groups fighting for accountability for the officials who’ve put gun owners at risk.

This should also be Exhibit A the next time gun control groups in your state start talking about the “need” for gun registries, licensing, and yes, even “red flag” laws. Beyond the obvious constitutional issues with those databases, the California Attorney General has shown us just how easy it is for all of this information to be leaked online, and gun owners have no reason to believe that their own officials would do any better at keeping this information safe and secure.

Aug 18, 2022 5:30 PM ET