A mistake with Microsoft Outlook's autofill feature sent personal details of the world's top leaders attending the G20 summit in Brisbane, Australia, to organizers of the Asian Cup soccer tournament. Those affected include the presidents of the US, China, Russia, Brazil, the European Commission, France, and Mexico; the prime ministers of Japan, India, the UK, Italy, and Canada; and the German Chancellor. Among the information disclosed was the passport numbers, visa details, and other personal identifiers.
The blunder occurred on November 7 last year, just before the G20 summit took place. Details are contained in an e-mail sent to the Australian privacy commissioner by the director of the visa services division of Australia's Department of Immigration and Border Protection, obtained by The Guardian using a freedom of information request. The e-mail explains: "The cause of the breach was human error. [Name redacted] failed to check that the autofill function in Microsoft Outlook had entered the correct person's details into the email 'To' field. This led to the email being sent to the wrong person."
Rather surprisingly, in view of the individuals involved, they were not informed of this breach when it was discovered. The director of the visa services division explained why in the e-mail obtained by The Guardian: "Given that the risks of the breach are considered very low and the actions that have been taken to limit the further distribution of the e-mail, I do not consider it necessary to notify the clients of the breach."