The immigration department has admitted it accidentally published the personal details of 10,000 asylum seekers in detention on its website.
The department said the information was never intended to be in the public domain after The Guardian reported that details of every asylum seeker in Australian detention, community detention or on Christmas Island was affected by the privacy breach.
“The department acknowledges that the file was vulnerable to unauthorised access,” a spokeswoman said in a statement.
“The file has been removed and the department is investigating how this occurred to ensure that it does not happen again.”
In the past, the immigration department refused to release asylum seekers’ personal information because it could put them in danger.
Labor immigration spokesman Richard Marles said the government had an appalling record of information management.
“It can’t determine what should be made public and what should be kept private,” he told reporters in Canberra.
“It’s getting it wrong at every turn.”
He warned there could be legal implications as a result of the breach.
Australian Greens senator Sarah Hanson-Young says the data breach makes a mockery of the government’s obsession with secrecy.
Comment has been sought from Immigration Minister Scott Morrison.