Police Firearm Data Breach UPDATE #2
MONDAY 2 DECEMBER 2019
The Police firearm database breach has revealed that 37,125 owners have registered 280,000 individual newly prohibited items, COLFO says.
Full contact details, firearm licence number and bank address details were revealed. This has been captured on screen-grabs by users, and a full set of the data was downloaded.
The notification system is an online web page where any member of the public can notify the Police that they have one of the newly prohibited firearms or related items. Notification is a three-step process requiring name and contact details, then the firearms and parts to be registered, then their licence number and bank account (for compensation payments).
It is unclear how long the information was publicly available before it was seen this morning, and people were able to log into the system for up to three hours before the Police finally shut it down.
COLFO spokesperson Nicole McKee says the data breach is a huge blow to the whole hand-in programme, and to Police claims that firearm owner data would be safe under the Government’s planned registry.
“This is a shocking development. Full details of prohibited firearms, and addresses at which they could be found, have been available online to the public.
“This makes an absolute mockery of Police claims to the Select Committee that they could be trusted to keep a firearm registry secure.
“We call on the full hand-in programme to be suspended in the meantime, and the Privacy Commissioner to investigate.”