This news has been received from: mercurynews.com

All trademarks, copyrights, videos, photos and logos are owned by respective news sources. News stories, videos and live streams are from trusted sources.

mail: [NewsMag]

By DON THOMPSON | The Associated Press

SACRAMENTO — Cybersecurity experts say the California Department of Justice apparently failed to follow basic security procedures on its website, exposing the personal information of potentially hundreds of thousands of gun owners.

The website was designed to only show general data about the number and location of concealed carry gun permits, broken down by year and county.

But for about 24 hours starting Monday a spreadsheet with names and personal information was just a few clicks away, ready for review or downloading.

Katie Moussouris, founder and CEO of Luta Security, said there should have been access controls to make sure the information stayed out of the reach of unwanted parties, and the sensitive data should have been encrypted so it would have been unusable.

The damage done depends on who accessed the data, she said. Criminals could sell or use the private identifying information, or use permit-seekers’ criminal histories “for blackmail and leverage,” she said.

RELATED: California exposes personal data of potentially hundreds of thousands of concealed gun permit applicants

Already some are attempting to use the information to criticize gun control advocates who they say were revealed as having concealed carry permits. An online site called The Gun Feed included a post calling out a top lawyer for the Giffords Law Center to Prevent Gun Violence. But the center said the site had the wrong person — someone with the same name as its lawyer.

Five other firearms databases were also compromised, but Attorney General Rob Bonta’s office has been unable to say what happened or even how many people are in the databases.

“We are conducting a comprehensive and through investigation into all aspects of the incident and will take any and all appropriate measures in response to what we learn,” his office said in a statement Friday.

It said one of the other databases listed handguns but not people, while the others, including on gun violence restraining orders, did not contain names but may have had other identifying information.

“The volume of information is so incredibly sensitive,” said Sam Paredes, executive director of Gun Owners of California.

“Deputy DAs, police officers, judges, they do everything they can to protect their residential addresses,” he said. “The peril that the attorney general has put hundreds of thousands of people … in is incalculable.”

Attorney Chuck Michel, president of the California Rifle and Pistol Association, said he has been fielding hundreds of calls and emails from gun owners looking to join what he expects will be a class-action lawsuit.

The improper release came days after the U.S. Supreme Court made it easier for people to carry hidden weapons, and as Bonta worked with state lawmakers to patch California’s newly vulnerable concealed carry law.

No evidence has so far revealed that the leak was deliberate. Independent cybersecurity experts said the release could easily have been lax oversight.

Bonta’s office has been unable to say whether and how often the databases were downloaded. Moussouris said the agency has that information if it was keeping access logs, which she called a basic and necessary step to protect sensitive data.

Tim Marley, a vice president for risk management at the cybersecurity firm Cerberus Sentinel, questioned the speed of the agency’s response to a problem with a website that should have been constantly monitored.

Related Articles

  • Crime and Public Safety | Outraged Uvalde parents: ‘These kids were obliterated’
  • Crime and Public Safety | Mathews: California needs to prepare to secede from the nation
  • Crime and Public Safety | Concealed guns to be banned in New York businesses unless they explicitly allow it
  • Crime and Public Safety | Opinion: How Biden and Congress could get meaningful gun laws passed
  • Crime and Public Safety | California exposes personal data of potentially hundreds of thousands of concealed gun permit applicants
“Given the sensitive nature of the data exposed and potential impact to those directly involved, I would expect a response in much less than 24 hours from notification to action,” he said.

Bonta’s office said it is reviewing the timeline to see when it discovered the problem.

The design of public websites “should always be done with an effort to design security into the process,” Marley said.

Developers also need to properly test their systems before launching any new code or modifying existing code, he said. Yet often organizations rush changes because they are focused “on making it work over making it work securely.”

Every Republican state senator and Assembly member called on Bonta, a Democrat running for reelection, to increase his disclosures about the information lapse, which they said violates state law. They also asked for specific information about the release and investigation, and senators criticized the department for an apparent lack of testing and security.

News Source: mercurynews.com

Tags: mr roadshow opinion columnists cartoons pac 12 hotline celebrities cyber security gun control guns morning wire privacy bonta’s office crime and public safety identifying information cybersecurity experts personal information should have been concealed carry the information sensitive data making it work the california gun owners the sensitive the release response office said

Driussi brace helps Austin earn 3-3 draw with Earthquakes

Next News:

Two Studies Raise Concerns About Public School Serious Violence Incidents

by Elyse Apel

 

At a time when school shootings are a concern for many Americans, serious violence incidents are also up in schools across the nation, reports two recent studies.

One study, from the National Center for Education Statistics, shows a 35% increase in serious violence incidents in K-12 public schools from the 2015-16 school year to 2019-20. Serious violence incidents include rape, attempted rape, sexual assault other than rape, threatened rape, physical attacks, fights with a weapon, threat of physical attack with a weapon, and robbery with or without a weapon.

More schools responded to the 2019 survey which led to the increase in reported incidents, but the increase was still declared as “statistically significant” by the author of the study.

The 2019-20 NCES study was published in July 2022 and is a look at the latest trends of violence in schools. The violence has also prompted action from state legislatures.

A survey from the American Psychological Association found that 33% of surveyed teachers reported experiencing at least one incident of verbal abuse and/or threatened violence from July 2020 to June 2021.

The National Education Association President Becky Pringle called this increase a “crisis” in a news release.

“This crisis of violence should unite educators, students, families, and politicians around the common goal of ensuring that our public schools are the safest, healthiest, and most just places in our communities,” Pringle said.

Ke Wang, the researcher from the American Institutes for Research who co-authored the NCES 2019-20 study, said that the increase in those incidents is significant.

“For serious violent incidents, you can indeed say that the number has increased between 2015-16 and 2019-20. I just tested this out and the increase is statistically significant,” Wang said.

In 2015-16, there were 40,800 incidents reported by 12,900 participating schools. In 2019-20, there were 62,800 incidents reported by 21,100 participating schools.

Wang said that although the number of participating schools varied, the years can be compared “apples-to-apples.”

Both Republicans and Democrats in state legislatures around the nation have proposed bills in the last few years to strengthen protections for teachers and expand the penalties for assaulting teachers in the classroom.

In Michigan, Senate Bill 689 was proposed in 2021 that would make assaulting or endangering a school employee a “misdemeanor punishable by imprisonment for not more than one year.”

The American Enterprise Institute think-tank did not respond to an email from The Center Square requesting a comment on these trends.

– – –

Elyse Apel is a rising junior at Hillsdale College, which is located in Michigan. Originally from Oklahoma, she is studying politics and journalism. Elyse is an intern reporter at The Center Square.
Photo “Young Boy Being Bullied After Being Beaten Up” by Mikhail Nilov.

 

Other News

  • Louisiana Education Superintendent Lauds Florida-Based Moms for Liberty Group
  • Two Studies Raise Concerns About Public School Serious Violence Incidents