World leaders have private details leaked online

An organiser of Australia‘s G20 summit accidently sent personal details of 31 world leaders to an Asian Cup football tournament organiser, The Guardian Australia has revealed.

The incident happened on 7th November 2014 but the Australian director of the visa services division did not find necessary to alert the victims of the breach.

An employee at the Australian immigration department was said to have unintentionally sent the data of those including UK’s PM David Cameron, US President Barack Obama, German Chancellor Angela Merkel, Russian President Vladimir Putin and Chinese President Xi Jinping. The list also includes key figures from Japan, Indonesia and India.

The breach was down to human error as the person responsible failed to check that the auto fill function in Microsoft Outlook had entered the correct person’s details into the email ‘To’ field.

This led to the email being sent to the wrong person. A recent FOI request from Egress demonstrated, 93% of data breaches being caused by human error.

Australia’s deputy opposition leader, Tanya Plibersek, called on Prime Minister Tony Abbott to answer why the world leaders were not notified of the breach.

"The Prime Minister and the immigration minister must explain this serious incident and the decision not to inform those affected," Ms Plibersek told The Guardian.

Tony Pepper, CEO of Egress Software Technologies, said: "This is a shocking breach in security that should have been disclosed immediately – however it’s actually a very common mistake. ‘Autofill’ options when entering a recipient’s details create a wide margin for human error when sharing confidential information by email. However, this is no longer an acceptable excuse, particularly when sharing such highly sensitive information.

"Encryption solutions are available that enable multi-faceted authentication (ensuring only the correct recipient can access highly sensitive information) as well as the ability to restrict what a recipient can do with received information or, if the worst does happen, revoke that access altogether. Mistakes happen, it’s a fact of life. Yet organisations need to ensure they give employees the right tools to work securely, while also providing a safety net should mistakes happen. Otherwise we will continue to see breaches of this kind."