Security News > 2022 > June > California state's gun control websites expose personal data
In addition to that portal, data was exposed on several other online dashboards provided the state, including: Assault Weapon Registry, Handguns Certified for Sale, Dealer Record of Sale, Firearm Safety Certificate, and Gun Violence Restraining Order dashboards.
The Cali DOJ noted that the dashboards and data were available to the public "For less than 24 hours," and the information exposed included names, dates of birth, gender, race, driver license numbers, addresses, and criminal histories.
The state DOJ said it will notify Californians whose data was exposed and "Provide additional information and resources" in the coming days.
"The failure to keep stakeholders' sensitive data confidential is coming with greater consequences for organizations in the United States," Tim Marley, VP for audit, risk and compliance at Cerberus Sentinel, told The Register.
The California breach comes at a time when data privacy is at the forefront of the national debate, in large part because of the Supreme Court's recent decision to overturn Roe vs. Wade, which has called into question what personal data is collected, retained - and potentially sold or shared.
"At the end of the day, we shouldn't need legislation to force us to examine the sensitive data in our possession and verify that we protect it at every stage of the data lifecycle," Marley added.