Guntrader.co.uk, a UK firearms dealer which sells shotguns, rifles, air rifles and air pistols, has experienced a serious data breach. According to reports, the databased accessed by the criminals is used not only by Guntrader but also by gun shops across the UK.
In total, around 111,000 records were stolen, and thousands of customers have had their names and addresses published on the dark web.
What data was exposed in the Guntrader breach?
An email from Guntrader confirms that the following details have been compromised in the attack:
- Any details used to register an account, such as
- telephone numbers
- email addresses
- encrypted passwords.
No financial details have been compromised. And, while no details about gun ownership were exposed, the very nature of the site does identify users as potential gun owners.
While copies of the database are circulating online, shooters are warned not to download it to see if their data is listed, as some are laced with malware.
The impact on Guntrader website users
Many affected gun owners are now worried about the potential impact on them and their families. We have been contacted by Guntrader customers who no longer feel safe. Many are concerned that they can be identified as people who own firearms and targeted by criminals who are interested in acquiring guns – especially as they are not easy to obtain and can be sold on the black market. Given the sensitivity of gun ownership in the UK, others are worried that they could become the target of anti-gun groups. As a result, some customers are even considering moving home to keep their families safe.
The British Association for Shooting and Conservation (BASC) has acknowledged the risk and has advised members “to check home security and be extra vigilant”. In the UK, firearms must be securely locked away when not in use. The police have also advised gun owners to ensure guns are stored securely and report any suspicious activity.
What happens now?
Guntrader has notified the police, the National Crime Agency and the Information Commissioner’s Office (ICO) about this security breach. There will be an investigation into how this data privacy failure was allowed to happen.
Are you affected by the Guntrader breach?
The breach affects Guntrader.co.uk customers – as well as those who purchases a registered firearms dealer using the Guntrader database – between 2016 and 17 July 2021.
Under UK data protection law, if you are affected by this breach, Guntrader must let you know. If you have not been told that you are involved, it is worth checking your spam folder in case the notification email has gone there. If you no longer use the email address registered to your Guntrader account, you should contact the firearms dealer to ask if your data has been compromised.