Story here. The breach also included AW registries, dealer record of sales data (meaning all gun purchases), applications for carry permits, and other information.
I’ve seen a suggestion — if anyone did get the permit data, given that one required identifier is race, compare the percent for applications to the percent for granted. If there is a discrepancy, score a point about racial discrimination. If nothing else, that will show them there is a downside to allowing a leak/data breach.