As a consequence of the breach, several asylum seekers have been threatened, and their families persecuted. The payout could amount to tens of millions of dollars. Publicly available court documents reveal new details regarding the incident. This includes information on who accessed the personal data, the harm suffered by the victims, and the steps taken by the department of home affairs after the incident.
Details of the Asylum Seekers’ Data Breach
The data breach took place in 2014, when Australia’s department of home affairs published a Microsoft Excel spreadsheet containing the personal information of 9258 individuals. At the time, the asylum seekers were in immigration detention. The Excel sheet revealed personal information such as full names, gender, date of birth, period of immigration detention, location, and boat arrival details. The secretary of the department learned about the incident on February 14. By then, the document had been available for public access for eight days. Court documents reveal that, in that time, the document was accessed 123 times by over one hundred unique IP addresses. While a majority of the access was from within Australia, there were views from people in countries such as China, Russia, Egypt, Great Britain, and Pakistan, including other masked locations.
Many Victims Persecuted as a Consequence of the Breach
In January 2021, the Office of the Australian Information Commissioner (OAIC) gave a verdict in favor of the victims. The OAIC said the department had breached the privacy of the asylum seekers by leaking their information. However, it ordered the department to compensate only 1300 of the victims. The Australian Administrative Appeals Tribunal will review the OAIC’s decision on Monday, December 13. The lawyers representing the victims say that the leaked data has been used against their clients. In some instances, it has led to their families being threatened in their home countries. In fact, a foreign court relied on the document as evidence in a case against one of the victims. “Multiple class members have provided documentary evidence of repercussions against their families upon their protection applications becoming known, following the data breach,” reads the document submitted by the victims’ lawyers. “The experience has also eroded class members’ trust in the Australian government and created greater apprehension in continuing to engage with government processes, especially given their past experiences fleeing from a country where the government is their prosecutor,” it adds.