Jul 01, 2022
Experts: California Lacked Safeguards For Gun Owner Info
This news has been received from: cbslocal.com
All trademarks, copyrights, videos, photos and logos are owned by respective news sources. News stories, videos and live streams are from trusted sources.
SACRAMENTO, Calif. (AP) — Cybersecurity experts say the California Department of Justice apparently failed to follow basic security procedures on its website, exposing the personal information of potentially hundreds of thousands of gun owners.
Katie Moussouris, founder and CEO of Luta Security, said there should have been access controls to make sure the information stayed out of the reach of unwanted parties, and the sensitive data should have been encrypted so it would have been unusable.
The damage done depends on who accessed the data, she said. Criminals could sell or use the private identifying information, or use permit-seekers’ criminal histories “for blackmail and leverage,” she said.
Already some are attempting to use the information to criticize gun control advocates who they say were revealed as having concealed carry permits. An online site called The Gun Feed included a post calling out a top lawyer for the Giffords Law Center to Prevent Gun Violence. But the center said the site had the wrong person — someone with the same name as its lawyer.
Five other firearms databases were also compromised, but Attorney General Rob Bonta’s office has been unable to say what happened or even how many people are in the databases.
“We are conducting a comprehensive and thorough investigation into all aspects of the incident and will take any and all appropriate measures in response to what we learn,” his office said in a statement Friday.
It said one of the other databases listed handguns but not people, while the others, including on gun violence restraining orders, did not contain names but may have had other identifying information.
“The volume of information is so incredibly sensitive,” said Sam Paredes, executive director of Gun Owners of California.
“Deputy DAs, police officers, judges, they do everything they can to protect their residential addresses,” he said. “The peril that the attorney general has put hundreds of thousands of people … in is incalculable.”READ MORE: Highway 50 Back Open, I-80 Still Closed In Sierra Ahead Of July 4 Weekend
Attorney Chuck Michel, president of the California Rifle and Pistol Association, said he has been fielding hundreds of calls and emails from gun owners looking to join what he expects will be a class-action lawsuit.
The improper release came days after the U.S. Supreme Court made it easier for people to carry hidden weapons, and as Bonta worked with state lawmakers to patch California’s newly vulnerable concealed carry law.
No evidence has so far revealed that the leak was deliberate. Independent cybersecurity experts said the release could easily have been lax oversight.
Bonta’s office has been unable to say whether and how often the databases were downloaded. Moussouris said the agency has that information if it was keeping access logs, which she called a basic and necessary step to protect sensitive data.
Tim Marley, a vice president for risk management at the cybersecurity firm Cerberus Sentinel, questioned the speed of the agency’s response to a problem with a website that should have been constantly monitored.
“Given the sensitive nature of the data exposed and potential impact to those directly involved, I would expect a response in much less than 24 hours from notification to action,” he said.
Bonta’s office said it is reviewing the timeline to see when it discovered the problem.
The design of public websites “should always be done with an effort to design security into the process,” Marley said.
Developers also need to properly test their systems before launching any new code or modifying existing code, he said. Yet often organizations rush changes because they are focused “on making it work over making it work securely.”MORE NEWS: State Officials Investigating After Multiple Geese Shot With Blow Darts In Natomas Area
Every Republican state senator and Assembly member called on Bonta, a Democrat running for reelection, to increase his disclosures about the information lapse, which they said violates state law. They also asked for specific information about the release and investigation, and senators criticized the department for an apparent lack of testing and security.
News Source: cbslocal.com
Tags: sacramento stockton california news concealed carry guns bonta’s office hundreds of thousands identifying information cybersecurity experts personal information should have been the information concealed carry the california making it work sensitive data the sensitive gun owners response office said the release
EXCLUSIVE: Elon Musk has been approached by one network and two cable channels who want to air public debate between him and Twitter chair Parag Agrawal as legal battle over aborted $44b takeover rages
Tesla and SpaceX CEO Elon Musk has been approached by one unnamed network and two unnamed cable channels to air his proposed debate against Twitter chairman Parag Agrawal, after Musk dropped his bid to buy Twitter, sources tell DailyMail.com.
Musk tweeted at Agrawal on Saturday, challenging him to a public debate 'about the Twitter bot percentage.' Musk wrote in a now-deleted tweet he wants Agrawal to 'prove to the public that Twitter has
But Twitter has also requested information from Musk's adviser, Morgan Stanley.
More subpoenas for the companies Tesla and SpaceX have also been requested to turn over information about the deal, along with conversational exchanges with their boss, according to Bloomberg.
Bret Taylor, Twitter's chairman, tweeted the board was 'committed to closing the transaction' under the current terms of the deal and they were 'confident' they would win.
In May, the crypto-currency exchange Binance put $500 million towards the Tesla CEO's $7.1 billion buyout of Twitter. Twitter further subpoenaed Binance to learn more about the investment, according to the report.
Twitter has also requested information on investors Chamath Palihapitiya, David Sacks, Steve Jurvetson, Marc Andreessen, Jason Calacanis and Keith Rabois, among others.
Investor Joe Lonsdale, an associate of Musk, said he received a subpoena from the social media firm. He called the subpoena a 'giant harassing fishing expedition.'
Investor Joe Lonsdale announced on Twitter that he had received a subpoena from the platform. He said he was not associated with the deal aside from making 'a few snarky comments' and called the legal probe a 'giant harassing fishing expedition.'
Those in the subpoenas may be called to testify in court.
Analysts said that Twitter is likely trying to find evidence that Musk made statements privately that contradicted his public stance that the company's issues with fake accounts made the buyout untenable.
For instance, if Musk hypothetically downplayed the bot issue as he sought financial backing for the deal, or revealed to confidantes that he had other reasons for backing out of the acquisition, it could bolster Twitter's case.