Immigration dept confirms asylum seeker data breach

Powered by SC Magazine
 

Updated: Personal details of up to 10,000 exposed.

The Department of Immigration and Border Protection (DIPB) has admitted to inadvertently leaking the personal details of close to 10,000 asylum seekers housed in Australia via its website.

News of the leak was broken today by The Guardian, which reported the database contained full names, nationalities and boat arrival dates and information of all individuals held on a mainland detention facility and on Christmas Island.

In a statement the DIPB confirmed the data breach and said it has taken the information offline.

“The department acknowledges that the file was vulnerable to unauthorised access," a spokesperson said.

“The file has been removed and the department is investigating how this occurred to ensure that it does not happen again.

“This information was never intended to be in the public domain."

The department did not clarify whether the data was accessed by other sources. Immigration minister Scott Morrison said all channels to access the data had been closed and it had not been cached by search engines.

The data involved in the breach equates to a third of all asylum seekers housed in Australia, according to The Guardian.

Opposition immigration spokesman Richard Marles said the leak appeared to be "one of the most significant breaches of privacy in Australia's history" and called it "ineptitude of the greatest degree".

"This is a government with a culture of secrecy but it is utterly unable to manage secrecy," Marles said.

"This is a government which refuses to put information into the public domain which should be in the public domain, but which [takes] private information which should be nowhere near the public domain, [and] makes it public.

"We need to understand how this happened, and there are serious questions that need to be answered by the government in relation to this."

Greens Senator Sarah Hanson-Young said the breach made a "mockery" of Prime Minister Tony Abbott's "obsession with secrecy".

"[Immigration minister Scott Morrison] needs to clarify how this occurred, how he will stop it from happening again and how he will ensure the the thousands of asylum seekers whose lives have been put at risk will now be protected because of this huge security breach," she said.

The Privacy Commissioner has announced it will investigate the breach, while the Immigration department said it has engaged KPMG to review and report on how it occured.

Click through for the security industry's analysis of the incident

Copyright © iTnews.com.au . All rights reserved.


Immigration dept confirms asylum seeker data breach
 
 
 
Top Stories
The CISO’s dilemma: Do you trust your partner’s partner?
[Blog post] How far down the chain do you check?
 
Microsoft confirms Australian Azure launch
Available from next week.
 
NBN Co names first 140 FTTN sites
National trial extended.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  25%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  23%
 
End user computing (desktops, mobiles, apps)
  14%
 
Software development
  27%
TOTAL VOTES: 279

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  62%
 
No
  38%
TOTAL VOTES: 97

Vote