December 2, 2022

On Wednesday, U.S. Immigration and Customs Enforcement (ICE) admitted that it had accidentally posted the personal information of over 6,000 people in its custody seeking asylum in the U.S. on its website earlier this week.

According to ICE, the data dump occurred on Monday morning during a routine website update. Human Rights First notified the agency about five hours later that it had posted a large amount of personally identifiable information (PII) on its website.

According to Human Rights First, an advocacy group that discovered the leak on Monday, the information included names, nationalities, detention centers where the people were held, and unique numbers used to identify them in government records.

The immigration officers revealed the data breach in an online statement posted Wednesday: “A document was erroneously posted to ICE.gov for approximately five hours that included names and other personally identifiable information, along with immigration information, of approximately 6,000 noncitizens in ICE custody,” the statement said. “Upon notification, U.S. Immigration and Customs Enforcement took swift action to immediately rectify the error. Though unintentional, this release of information is a breach of policy, and the agency is investigating the incident and taking all corrective actions necessary.”

The agency stated that it was notifying affected individuals and taking steps to mitigate harm to those whose data had been exposed, including placing a “high interest notice alert” on the thousands of people whose PII had been posted online.

The sources for this piece include an article in TheRegister.