The Privacy Commissioner and the Immigration Department have launched investigations into how details of thousands of asylum seekers in Australia were inadvertently made accessible online.
The breach could potentially see thousands of asylum seekers in Australia who were previously ineligible for refugee status have their claims validated, one legal expert says.
Refugee lawyer David Manne said the law was "crystal clear that identification of a person seeking protection can result in them being granted protection on that basis itself".
"It's a fundamental principle of refugee law that a person seeking asylum should be free to make their claim free of disclosure of their identity to the authorities in their home country," he said, describing the reported revelation as one of the most "grave and dangerous breaches of privacy in Australian history".
Guardian Australia reported on Wednesday that the personal details of a third of asylum seekers held in Australia – making up about 10,000 people – were revealed on the Immigration Department's website.
Privacy Commissioner Timothy Pilgrim announced on Wednesday afternoon that he had spoken to Immigration and had "been assured" that the information was "no longer publicly available".
Describing the breach as a "serious incident" Mr Pilgrim said he would investigate how it occurred. He added that Immigration would provide a detailed report about the incident as part of the investigation.
Later on Wednesday, Immigration Minister Scott Morrison released a statement confirming that an "immigration detention statistics report" released on the department's website on February 11 "inadvertently provided access to the underlying data source used to collate the report content which included private information on detainees".
Mr Morrison welcomed Mr Pilgrim's investigation and said Immigration Department's secretary Martin Bowles had also tasked KPMG to review how the breach occured, with an interim report due next week.
He said the "unacceptable incident" was a "serious breach of privacy" by the department.
"I have asked the department Secretary to keep me informed of the actions that have been initiated, including any disciplinary measures that may be taken, as appropriate," Mr Morrison said.
The Immigration Minister said that immediate steps had been taken to remove the documents from the department's website after media alerted it of the breach.
"The information was never intended to be in the public domain, nor was it in an easily accessible format within the public domain," he said.
Mr Morrison also told Sky News it was still to be seen whether the release of the information would have implications for the protection claims of the asylum seekers involved.
‘‘All people’s protection claims are considered individually on the merits of each specific case,’’ he said.
‘‘There would be no general rule that would apply to these sorts of things.’’
A report by Guardian Australia said the information online included all asylum seekers held in a mainland detention facilities, on Christmas Island and several thousand in community detention. Children were also included.
Despite the federal government's insistence about the need for greater secrecy when it comes to immigration and border protection, the full names, nationalities, location, arrival date and boat arrival information was reportedly revealed on the department's website.
Guardian Australia has not identified where the database was located online and said it told the department about the information before it reported the breach.
Refugee Council of Australia president Phil Glendenning said the release of asylum seekers' information was "outrageous" and unprecedented.
"We are deeply disturbed by this," he told Fairfax Media.
Mr Glendenning said the breach ran the risk of exposing people who were already vulnerable to "very serious danger".
This not only included reprisals if asylum seekers were sent back to their country of origin, but their families - either in home countries, or transit countries in between.
The Refugee Council is also seeking particular assurances about the safety of people in community detention who may have had their location revealed.
Labor's immigration spokesman Richard Marles said the report was an "enormous concern". "Let's be clear - this is a government with a culture of secrecy but it is utterly unable to manage secrecy," he told reporters in Canberra.
Coalition MP Jane Prentice told Sky News that the breach was a "shocking mistake" and that the "full ramifications" would have to be examined.