ICE launches investigation after data of more than 6,000 immigrants exposed
Immigration and Customs Enforcement has launched an investigation after a spreadsheet containing personally identifiable information of 6,252 immigrants seeking protection in the U.S. was inadvertently uploaded to a public-facing website on Monday.
The internal probe is being led by the agency’s Office of Professional Responsibility and Office of the Chief Information Officer, FedScoop has learned.
As part of the investigation, ICE will analyze IP addresses to establish which entities may have accessed the PII while it was publicly available, and issue “claw-back” letters instructing individuals and organizations to destroy any files they may have retained.
The remedial action comes after details including names, nationalities and locations were accidentally uploaded to the agency’s website.
The data disclosure may have directly placed immigrants at risk of retaliation from the individuals, gangs and governments they are fleeing, according to the Los Angeles Times, which first reported details of the incident.
All of the immigrants affected by the data disclosure are currently in ICE custody.
An Excel spreadsheet containing the names and A-numbers of 6,252 non-U.S. citizens seeking protection in the U.S. was uploaded to ICE’s website at 9:45 a.m. EST on Monday.
Four hours later at 1:53 p.m., ICE was notified by nonprofit Human Rights First that PII had been uploaded to its website, and the file was deleted by 2:04 p.m.
Federal regulations generally make it illegal for such data disclosure without permission from top officials in the Department of Homeland Security because personal information of asylum seekers is supposed to be kept confidential.
In a statement to FedScoop, ICE said: “On November 28, 2022, while performing routine updates, a document was erroneously posted to ICE.gov for approximately five hours that included names and other personally identifiable information, along with immigration information, of approximately 6,000 noncitizens in ICE custody.”
They added: “Upon notification, U.S. Immigration and Customs Enforcement took swift action to immediately rectify the error. Though unintentional, this release of information is a breach of policy and the agency is investigating the incident and taking all corrective actions necessary. ICE is notifying noncitizens impacted by the disclosure.”
Following the data disclosure, ICE is reviewing policies, practices and technologies to reduce the risk of future improper disclosure of information.
