Details of 16,000 weapon licence-holders exposed in US cyber-attack

Details of 16,000 weapon licence-holders exposed in US cyber-attack

Over 4,000 Android apps contain SonicSpy spyware that steals device information

A severe cyber-attack in the state of Florida has resulted in hackers getting hold of names of 16,000 people who hold concealed-weapon licences.

The data breach of the Florida Department of Agriculture and Consumer Services' online payment system may also have resulted in the loss of 469 social security numbers to hackers.

Yahoo coughed up $16m in legal costs following 2013 data breach

The massive cyber-attack took place over two weeks ago and the Florida Department of Agriculture and Consumer Services insists that the breach was discovered and contained within 24 hours. The department also insists that no financial information of concealed weapon licence holders were lost.

"Other information possibly accessed per the data breach is all public information and poses no risk of identity theft," said the FDACS. "The department takes cyber security seriously and acted quickly to mitigate the effects of this breach. The privacy of the department's customers is a top priority and will remain so."

2 out of 3 UK enterprises suffered data breach last year

However, the FDACS did concede that hackers may have stolen social security numbers of at least 469 people through the attack. The said hackers obtained names of weapon licence holders by attacking the FDACS' online payment system which accepts payments for permits and other applications. The FDACS believes that the cyber-attack may have originated outside of the United States.

Those people whose social security numbers were breached have been offered free credit monitoring and fraud alert for a period of one year. At the same time, law enforcement authorities have taken over the investigation and are assessing the true impact of the data breach.

Massive Zomato data breach leaves 17 million e-mail addresses exposed

The incident bears similarities to a recent incident of a data breach in the UK when the Met Police shared personal information of as many as 30,000 firearms owners with a commercial firm which was neither a government department, a regulatory body nor an enforcement agency. Following the incident, the British Association for Shooting and Conservation had expressed concern on whether the commercial firm in question would keep personal data confidential or whether someone would manage to sell such information off to eager buyers.

"BASC has spoken with the Metropolitan Police and we understand they are investigating this matter. We are not in a position to comment further until the result of that investigation is known," said the association to The Register.

Copyright Lyonsdown Limited 2021

Top Articles

Can you trust Zero Trust?

Enterprises seeking a singular authentication model are increasingly taking a Zero Trust approach to ensuring proper identity authentication.

Usability and email security

When employees understand how their behaviour impacts email security, they become much more efficient at detecting scams, preventing data breaches, and protecting sensitive information.

The pen testing guide you never thought you needed, until now…

Security testing should be at the centre of any cyber strategy,

Related Articles