CCAA Database

The CCAA Database leak occurred in 2021, exposing 979,592 records of children, parents, and caregivers in Californias Child Abuse and Neglect Reporting System. The leak was discovered on April 22, 2021, when a security researcher notified the University of California, Berkeley, which is responsible for managing the database.

The exposed records included sensitive information such as names, dates of birth, addresses, and Social Security numbers of children and their families who had been involved in the child welfare system. The leak also included information on abuse and neglect allegations, court documents, and case management records.

The exposed data was stored on an Amazon Web Services (AWS) bucket with inadequate security measures, allowing anyone to access the data without authorization. The leak was classified as a data breach by the California Attorney Generals Office, and an investigation was launched to determine the cause of the breach and the extent of the damage.

The leak was a major concern for child welfare experts and privacy advocates, as it could potentially put children and their families at risk of identity theft and exploitation. The incident highlighted the need for robust data security measures to protect sensitive information in child welfare databases.