It seems no one is immune to data breaches in the modern world, not even concealed carry permit holders.
State officials in Florida have released that the names of thousands of concealed carry permit holders may have been leaked when an online payment system was breached earlier in May. The names associated with just over 16,000 permits were exposed.
And while this represents less than one of the total permit holders in the state of Florida, there is some concern that as many as 469 customers had their social security numbers compromised as part of the breach, as well.
At this time is does not seem that any financial information was disclosed as part of the break in that appears to have originated from overseas, despite the compromised systems having been part of a payment gateway for concealed carry permit renewals.
Only those concealed carry permit holders who renewed through the online system are at risk of having had their names compromised as part of the breach. The systems were used for the application, registration, renewal, and permit fees.
“Only concealed weapon licensees who renewed online may have had their names accessed,” the announcement from the Florida Department of Agriculture and Consumer Services (FDACS) said. “The department’s Office of Inspector General determined that there is no risk of identity theft to these licensees.”
Thanks to recent changes to the system and the reduced amount of information requested by the state, the exposure of data that could be used for identity theft has been kept to a very small number.
“The social security numbers that may have been obtained had been entered in an online field where either a social security number or Federal Employer Identification Number could be entered,” the statement said. “In 2009, the department began only to request a FEIN in this field and stopped the prior practice of requesting either a Social Security number or FEIN.”
Regardless of the minimal risk, the state is offering a year of credit protection, free of charge, to the users whose social security numbers were exposed.
The department, as part of their statement, assured users that cybersecurity remains a top priority for their department and that it was this close attention to security that allowed them to quickly shut down access to the system, minimizing the potential damage.
“The department takes cybersecurity seriously and acted quickly to mitigate the effects of this breach. The privacy of the department’s customers is a top priority and will remain so,” the statement from FDACS said.
Nevertheless, the Agriculture Commissioner, Adam Putnam, has ordered a review of the department’s cybersecurity policies and measures to reduce the chance of a similar compromise.