https://www.theguardian.com/us-news/2022/jun/30/california-gun-owners-data-breach
Exploit: Human Error
California Department of Justice: State Government Agency
Risk to Business: 2.617 = Moderate
The California Department of Justice has disclosed a messy data breach courtesy of its Firearms Dashboard Portal. In the course of an update in late June, user data for anyone who had applied for a concealed carry firearms permit from 2011 through 2021 using the site was exposed for an estimated 24 hours in an unsecured spreadsheet. Data was also exposed on several other state-maintained gun-related online dashboards, including the Assault Weapon Registry, Handguns Certified for Sale, Dealer Record of Sale, Firearm Safety Certificate and Gun Violence Restraining Order dashboards.
Individual Risk: 2.613 = Moderate
User data that may have been exposed includes names, dates of birth, gender, race, driver license numbers, addresses, and criminal histories. Social Security numbers and financial information were not involved.
How It Could Affect Your Customers’ Business: SMBs that handle or store large amounts of data have been high on cybercriminal shopping lists, particularly in recent months.
Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
