The names and personal information of more than 6,000 noncitizens were posted on the Immigration and Customs Enforcement (ICE) website erroneously, an ICE spokesperson told ABC News on Thursday.
The data breach occurred on Monday, according to an agency spokesperson.
“On November 28, 2022, while performing routine updates, a document was erroneously posted to ICE.gov for approximately five hours that included names and other personally identifiable information, along with immigration information, of approximately 6,000 noncitizens in ICE custody," an ICE spokesperson told ABC News in a statement.
"Upon notification, U.S. Immigration and Customs Enforcement took swift action to immediately rectify the error. Though unintentional, this release of information is a breach of policy, and the agency is investigating the incident and taking all corrective actions necessary. ICE is notifying noncitizens impacted by the disclosure.”
The LA Times was first to report the news.
At 9:45 a.m. on Monday, an Excel spreadsheet was uploaded to ICE.gov that included the names and A-numbers of 6,252 noncitizens seeking protection, according to a source familiar with the situation. The Human Rights First immigration organization then alerted ICE to the issue at 1:53 p.m. and at 2:04 p.m ICE deleted the personally identifiable information tab from ICE.gov.
ICE is notifying the impacted noncitizens directly or their attorneys-of-record of the improper disclosure, according to a source familiar with the situation. This will allow noncitizens or their attorneys-of-record to determine whether the disclosure may impact the merits of their protection claim, according to the source.
As a routine part of an investigation into a data disclosure, ICE will identify through IP addresses entities that accessed the information and the official says ICE is monitoring the internet for any reposting of the data.