A database containing the full names, nationalities, locations, arrival dates, and boat arrival information of nearly 10,000 asylum seekers has been accidentally published by the Australian Department of Immigration and Border Protection, The Guardian first reported.
The newspaper said that the database contained the details of every individual, including children, detained in a mainland or Christmas Island detention facility.
A statement released by the Department of Immigration and Border Protection acknowledged that the data was open to authorised access.
"This information was never intended to be in the public domain," a spokesperson for the department said. "The file has been removed and the department is investigating how this occurred to ensure that it does not happen again."
The Office of the Australian Information Commissioner (OAIC) said that it is aware of this data breach, and that Australian Privacy Commissioner Timothy Pilgrim had spoken to the immigration department and been assured that the information is no longer publicly available.
"This is a serious incident and I will be conducting an investigation into how it occurred," Pilgrim said in a statement.
"As part of this investigation, the Department has undertaken to provide me with a detailed report into the incident. Further, the OAIC will be working with the Department to make sure they are fully aware of their privacy obligations and to ensure that incidents of this nature will not be repeated."
The incident raises concerns of the inability of Australian government agencies to ensure that sensitive information remains secure.
Last year, the Labor government refused to confirm reports that it had fallen afoul of Chinese hackers, and had the blueprints of the Australian Security Intelligence Organisation's new headquarters stolen.
The ABC's Four Corners program reported that the hacks had netted documents that contained details of the headquarters' floor plan, communication cabling layouts, server locations, and security systems.