Imagine you're an immigrant, who has fled your home country for the United States due to fear of being persecuted and tortured.
You may be worried that your home country's government or a gang will find out that you're seeking safety in the United States, and retaliate against you or family members left behind.
What you definitely do not want is the agency handling your asylum request being careless with your personal information - and potentially putting your life and that of loved ones at risk.
For this reason, federal regulations forbid the highly sensitive information about asylum seekers from being disclosed without sign-off by senior officials at the US Department of Homeland Security (DHS).
And yet, despite the safeguards and regulations, the lives of thousands of people have been endangered after US Immigration and Customs Enforcement (ICE), a branch of the DHS, carelessly published their personal details on its website.
ICE confirmed it had "erroneously" posted the names, birth dates, nationalities, and detention locations of 6,252 immigrants during what was supposed t obe a routine update on November 28 2022.
The highly sensitive information was accessible on ICE's website for five hours, before being spotted by immigrant advocacy group Human Rights First.
According to media reports, ICE has now released nearly 3000 people whose personal information was exposed by the accidental data breach, and has resolved not to deport any affected immigrants until they have had the chance to argue their case in an immigration court.
Although that will go some way to mitigating harm done by the careless data leak, it doesn't help the over 100 immigrants whose information was included in the leak and who had already been deported by the time the breach was discovered.
Nor does it help the fewer than 10 people who officials say were deported shortly after the discovery of the data breach, and yet had not been informed about what had happened.
ICE, in an attempt to make amends, says that it is willing to help people it deported who wish to return to the United States and seek asylum again.
Immigration attorney Curtis Morrison says he has filed a lawsuit on behalf of the more than 20 immigrant detainees reportedly put in danger by the data breach.
ICE meanwhile says it will allow some immigrants hit by the data breach to seek asylum, even if normally they would not be eligible.
Is that enough to counter the harm done by the data breach? Somehow I don't think so. I'm not convinced I would be happy if I were one of those unfortunate people fleeing their country in an attempt to find a better life.
tags
Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s.
View all postsDecember 19, 2024
November 14, 2024