UK dumps data on 1,600 illegal immigrants online
Accidentally leaked credentials; Data dump; Insider attack
In a security gaffe, the British Home Office website made available for two weeks undocumented individuals’ names and birthdates, as well as immigration case type and status.
The data was downloadable in spreadsheet form from a webpage dealing with immigration family returns processing.
During the episode, there were fewer than 30 visits to the site, according to government officials.
"It has not been possible to ascertain whether those who visited the webpage went on to open the data sheet in question or accessed the part of the data sheet which contained the personal information," Minister for Immigration Mark Harper said in a statement.
An investigation into the matter is ongoing.
Policies already in place require “all UK government and public sector organisations to apply security classifications to information assets, so for the incident in question the data should have had a security label applied," Martin Sugden, the CEO of secure information exchange provider Boldon James told IBTimes. "There are numerous technologies such as DLP and Data Classification solutions which, if combined as part of a layered security approach, could have stopped this incident from occurring in the first place."
ThreatWatch is a regularly updated catalog of data breaches successfully striking every sector of the globe, as reported by journalists, researchers and the victims themselves.
December 13, 2013
International Business Times
Link to report
1,598 illegal immigrants
location of breach
location of perpetrators
date breach occurred
between 15-28 October 2013
date breach detected
Oct. 28, 2013