Thanks to The Guardian newspaper and a freedom of information request, I’ve just read that the personal information of 31 world leaders was exposed due to human error and the ease of hitting the “send” button.
Handout photo, courtesy of G20 and Getty Images
The breach was caused by a staff member at Australia's Department of Immigration while world leaders attended the G20 Leaders' Summit in Australia last November. According to the BBC, ‘The breach was said to be the result of "human error", with the sender forgetting to check the auto-fill function in Microsoft Outlook's email service before hitting send.’ In addition to dates of birth, titles, nationalities and so on, the email included sensitive information such as the passport numbers and visa numbers of US President Barack Obama, UK Prime Minister David Cameron, Russian President Vladimir Putin, German Chancellor Angela Merkel, Chinese President Xi Jinping and 26 other world leaders. The data loss was not made public at the time and we have The Guardian newspaper to thank for uncovering this particular leak. I am absolutely certain that only a tiny fraction of such leaks are ever made public: they happen every day and, while organizations often don’t find out about their leaks, when they do they rarely admit to them for fear of losing customers and share value. I’ve said this before and I’ll say it again: busy people make mistakes. In the rush to squeeze as much work into busy schedules, it is a statistical certainly that sensitive data will be included in the wrong email sent to the wrong person. The only way to prevent data loss due to human error is to utilize an automated data loss prevention solution such as ZixDLP, a data loss prevention solution that is working in the background twenty-four hours a day, seven days a week. ZixDLP can be deployed in less than one day. It is easily integrated into your current network and administering it is simple – that is, you don’t need more staff. Outbound emails and their attachments are scanned by ZixDLP in real time, and if sensitive data is detected going to an inappropriate address, the email is sent to a quarantine system, thus giving you and your employees a second chance to check the content. Don’t go exposing your clients, staff and business to avoidable data loss: take action before you get hit.