Australia leaks personal details of 10,000 asylum seekers in catastrophic data breach

The personal details of a third of all asylum seekers being held by the Australian government have been released by accident by the Department of Immigration and Border Protection in one of the most serious and embarrassing security breaches in the country's history.

As though trying to prove that it's not just the private sector that suffers catastrophic data breaches, the Australian government has leaked the full names, nationalities, location, arrival date and boat arrival information, all of which was made available in an enormous database on the Department of Immigration's website.

The incident has raised serious concerns over the processes of data protection in place in Australia, and has some worried that the details could be used to take advantage of potential seekers of asylum.

Every one of the people held in a mainland detention facility and on Christmas Island, amounting to a shocking almost 10,000 adults and children, has been identified in the database. Several thousand people who have been semi-released into the community under the community detention program have also had their data leaked.

The asylum seekers come from countries including Sri Lanka, Afghanistan, Iran and Syria and arrived in Australia as late as September. Some of the affected have been in detention for more than 1000 days, and fled their countries due to human rights abuses.

The Department of Immigration released a statement saying the information was never intended to be in the public domain.

"The department acknowledges that the file was vulnerable to unauthorised access. The department is investigating how this occurred to ensure that it does not happen again," it said.

The department has also been accused of breaking Australian privacy laws through negligence.

The immigration minister, Scott Morrison, spoke at a news conference last November about the government's responsibility to protect the asylum seekers in its detention centres.

"What the Australian government has an obligation to do, though, is ensure that we take all steps necessary so as not to violate their identity," he said.

"Now, it is important that people who are making claims about asylum can do so in a discreet way and a private way. And we need to take all reasonable steps under our duty of care to ensure that we don't expose people to that situation."

Whether the data breach will make the UK government think again about it's controversial Care.data database is another matter.

Image: Flickr (Takver)