Personal details of the 31 international leaders attending the G20 Summit have been leaked by the Australian immigration department, who accidentally sent a list of passport numbers, visa details and other identifiable information to organisers of the Asian Cup.
The breach happened due to an immigration officer not realising the Microsoft Outlook autofill feature when sending information to the organisers. Immigration officers did not inform the leaders that personal information may have potentially leaked out into the public.
The information included US president Barack Obama, Russian president Vladimir Putin, Chinese president Xi Jinping, German chancellor Angela Merkel, British prime minister David Cameron and other leaders at the G20 Summit.
Australian immigration officials contacted the privacy commissioner on 7 November 2014 regarding the breach. He stated due to the small chance any information had leaked onto the public domain, leaders should not be informed of the breach.
“The personal information which has been breached is the name, date of birth, title, position nationality, passport number, visa grant number and visa subclass held relating to 31 international leaders (ie prime ministers, presidents and their equivalents) attending the G20 leaders summit,” the officer wrote. “The cause of the breach was human error. [Redacted] failed to check that the autofill function in Microsoft Outlook had entered the correct person’s details into the email ‘To’ field. This led to the email being sent to the wrong person.
“The matter was brought to my attention directly by [redacted] immediately after receiving an email from [the recipient] informing them that they had sent the email to the wrong person.” the office continued. “The risk remains only to the extent of human error, but there was nothing systemic or institutional about the breach.”
The non disclosure agreement by the immigration and privacy officers could put Australia in serious trouble. Several investigative teams are already looking into the possibilities of a breach and the potential effects of having this information in the public domain.