By Sahil Nagpal
May 9th, 2008
Hong Kong – A government investigation was underway Friday after it was revealed that confidential files from the Immigration Department had been mistakenly leaked on to the internet.
The list, which contained a list of the names of people for officers to watch, plus travel document information and travel records, has been available on the internet since Monday through a file-sharing programme called “Foxy.”
The blunder occurred after a newly-recruited immigration officer working at the Lok Ma Chau border point took home some old classified files to study without authorisation.
His computer contained the “Foxy” programme and when he connected to the internet, the files were distributed without his knowledge.
The security blunder is the latest in a series in Hong Kong in the last week.
Earlier this week, banking giant HSBC was forced to apologise to customers after it admitted it had lost the data of 159,000 accounts from a Hong Kong branch.
The data was held on a internet server which is understood to have gong missing in April from the Kwun Tong branch of the bank while it was undergoing renovation last month.
The Hospital Authority also admitted this week to the loss of data of thousands of patients in several incidents.
In one case, a USB flashdrive containing the files of 10,000 patients from the Prince of Wales Hospital was lost after a hospital worker who was transferring the data left it in a taxi.
Lawmaker James To, the vice-chairman of the Legislative Council security panel said the immigration department security breach was by far the most serious of all three.
“This data is more private, it gives the detailed record of people’s travelling history,” he said.
Chairman of the security panel Lau Kong-wah said the leak was unforgivable.
“The data is sensitive information. Not only the Immigration Department, but all government organisations should review their data-privacy systems to prevent similar cases,” he said.
Security Secretary Abromse Lee has said the officer concerned would face disciplinary action after an investigation. (dpa)
It is not only unforgivable, but it is also undoable, and the latter is more important.
If you read BLOGDIAL, you can relate this story in ‘the Google between your ears™’ to all the other BLOGDIAL posts on this subject.