AIM Surplus’ Database Breach Compromises Customer Data

On April 26th AIM Surplus sent a notice of data breach to the state of California regarding a breach of their image database that occurred on April 4th, 2016. This database housed images of customer names, images of their firearm licenses, and documents used for age verification. Many US shooters have purchased something from AIM surplus and are affected by the breach, I myself fall into that category. At this time there is no indication as to how extensive the breach was and how far back the data goes. The notice did state that no payment information, order history, or account information had been compromised, only the names of customers and their state IDs.

AIM does appear to be offering a year of free ProtectMyID from Experian to help their customers detect if their information has been misused. AIM Surplus also has removed all the images from the server and is working with a security firm to fix the lack of security with their upload feature. The security firm will also be taking a hard look at the entire site for any other potential security issues. You can read the notice below or visit the link here to view the notice on the State of California’ server here.

I reached out to AIM Surplus and there has been no comment as of this time.

About Patrick Roberts 217 Articles
Since founding Firearm Rack in 2014 which evolved into Primer Peak in 2020, Patrick has been published by RECOIL, Ammoland, Gun Digest, The Firearm Blog, The Truth About Guns, Breach Bang Clear, Brownells, The Shooter's Log, and All Outdoor. When he isn't writing you can find him instructing handgun and AR-15 courses, training his dog Bear, or spending time with his son Liam. See what he is up to on his YouTube Channel, on Facebook, or on Instagram at @thepatrickroberts.

Be the first to comment

Leave a Reply

Your email address will not be published.