770 SLO County residents may have had data leaked in concealed weapons permit breach
More than 770 San Luis Obispo County residents who hold concealed weapons permits may have had their personal information exposed by the state Department of Justice, according to records obtained by The Tribune.
The data exposure was a result of a Monday update to the agency’s Firearms Dashboard Portal, a news release from California DOJ said. It exposed personal information of individuals who were granted or denied a concealed and carry weapons permit between 2011 and 2021, including names, dates of birth, gender, race, driver’s license numbers, addresses and criminal histories.
According to documents obtained by The Tribune in February, 771 people have been granted a concealed and carry weapons permit in San Luis Obispo County. It is unclear how many residents have applied and were denied.
Tony Cipolla, spokesperson for the San Luis Obispo County Sheriff’s Office, told the Tribune that the office is waiting on numbers from the DOJ on how many SLO County residents had their information exposed.
Cipolla said the sheriff does not have a comment for SLO County residents specifically and directed The Tribune to a news release from the California State Sheriff’s Association, a group San Luis Obispo County Sheriff Ian Parkinson is a part of.
“It is infuriating that people who have been complying with the law have been put at risk by this breach,” the association’s president and Butte County Sheriff Kory Honea said in the release. “California’s sheriffs are very concerned about this data breach and the risk it poses to California’s CCW permit holders.”
Data from the Assault Weapon Registry, Handguns Certified for Sale, Dealer Record of Sale, Firearm Safety Certificate, and Gun Violence Restraining Order dashboards were also affected by the Monday data exposure, the DOJ said.
Data was available for less than 24 hours, and the department removed the information and dashboard from public view Tuesday morning.
The department said it will notify the people whose data was exposed “in the coming days” and provide additional information and resources. It asks anyone who accessed the information to respect the privacy of those who had their data exposed.
