Threatwatch

UK dumps data on 1,600 illegal immigrants online

Accidentally leaked credentials; Data dump; Insider attack

In a security gaffe, the British Home Office website made available for two weeks undocumented individuals’ names and birthdates, as well as immigration case type and status.

The data was downloadable in spreadsheet form from a webpage dealing with immigration family returns processing.

During the episode, there were fewer than 30 visits to the site, according to government officials.

"It has not been possible to ascertain whether those who visited the webpage went on to open the data sheet in question or accessed the part of the data sheet which contained the personal information," Minister for Immigration Mark Harper said in a statement.   

An investigation into the matter is ongoing.

Policies already in place require “all UK government and public sector organisations to apply security classifications to information assets, so for the incident in question the data should have had a security label applied," Martin Sugden, the CEO of secure information exchange provider Boldon James told IBTimes. "There are numerous technologies such as DLP and Data Classification solutions which, if combined as part of a layered security approach, could have stopped this incident from occurring in the first place."

ThreatWatch is a regularly updated catalog of data breaches successfully striking every sector of the globe, as reported by journalists, researchers and the victims themselves.

sector

Government (Foreign)

reported

December 13, 2013

reported by

International Business Times

number affected

1,598 illegal immigrants

location of breach

UK

perpetrators

Employees

location of perpetrators

UK

date breach occurred

between 15-28 October 2013

date breach detected

Oct. 28, 2013