Florida officials said hackers may have stolen the names of over 16,000 people who have concealed weapon permits in the state. The Florida Department of Agriculture and Consumer Services revealed on Monday (22 May) that the breach occurred through its online payment system, which processes payments for customers' permits and other applications.
The department said people with concealed weapon licences in the state who renewed online may have had their names stolen in the attack. The breach may have also revealed the social security numbers of 469 customers as well, FDACS said.
Spokesperson Jenn Meale told Tampa Bay Times that the breach, believed to have taken place two weeks ago, was discovered by the agency less than 24 hours after it occurred. The agency said the breach is believed to have originated overseas.
Meale added FDACS was "able to identify it quickly and shut the system down".
"Other information possibly accessed per the data breach is all public information and poses no risk of identity theft," the department said in a statement, noting that no financial information was accessed in the breach.
"The department takes cybersecurity seriously and acted quickly to mitigate the effects of this breach. The privacy of the department's customers is a top priority and will remain so."
The department did not reveal how the hacker gained access to the system or name any suspected perpetrators behind the cyberattack.
People affected by the attack have been notified, the department said. The nearly 500 people whose Social Security numbers have been compromised have been offered free credit monitoring and fraud alert for one year.
Agriculture Commissioner Adam Putnam, who is running for governor in 2018, has ordered a review of the department's cybersecurity measures. Florida state law enforcement are currently investigating the data breach.