Personal information, passport numbers and visa details of world leaders who attended the G20 summit in Brisbane, Australia, in November 2014, have been inadvertently leaked by an employee of the Australian Department of Immigration and Border Protection.
According to an email sent from the director of the visa services division of the immigration department to the country’s privacy commissioner, and legally obtained by The Guardian, the leak happened when the aforementioned employee sent an email containing that information to the wrong recipient: the organizers of the Asian Cup football tournament.
“The cause of the breach was human error. [Redacted] failed to check that the autofill function in Microsoft Outlook had entered the correct person’s details into the email “To’ field. This led to the email being sent to the wrong person,” explained the director.
“The risk remains only to the extent of human error, but there was nothing systemic or institutional about the breach.”
Despite the fact that the leaked information included the leaders’ name, date of birth, title, position nationality, passport number, visa grant number and visa subclass, the director said that she didn’t think it was necessary to inform them of the leak.
The leak was caught quickly (within 10 minutes, as the recipient let them know what happened), she wrote, and she was satisfied with the recipient’s assurance they have deleted the email and the information from all systems and servers where it could have possibly been stored.
Finally, most of this information is already widely available, and the passport and visa info cannot be effectively misused because the individuals in questions are so prominent.
Whether these leaders were ultimately appraised of the incident is still now known, and the office of the Australian immigration minister has yet to comment on the matter.