Sri Lanka Foreign Employment Bureau Publicizes Personal Information Of Over 25,000 Individuals
July 28, 2014
Making a public display of the pathetic state of cyber-security unawareness in the state sector, the Sri Lanka Foreign Employment Bureau (SLFEB) at the heights of their ignorance had publicized personal information including ID/passport numbers of over 25,000 individuals.
Dilan Perera – Minister Foreign Employment
The publicized data had been uncovered by Suchetha Wijenayake – an employer of Linux Center in Colombo. He had stumbled upon the files while looking up two names who used to be ardent listeners of Sri Lanka Broadcasting Corporation (SLBC). One of the Google listings that popped up had led him to a 2.5 MB Microsoft Excel file that contained full names, ID/passport numbers of over 25,000 individuals that had been dated from July-September 2013 indicating the information was in the public domain for over a year.
Instantly recognizing the gravity of the situation, Suchetha had attempted to contact SLFEB Chairman Amal Senadhilankara, but to no avail. Finally he had been directed to SLFEB’s IT Consultant, who had confirmed the records were indeed public and were ‘supposed to be out there’. Without accepting the mistake on their part, he had turned around and accused Suchetha of attempting to hack the SLFEB website.
Suchetha had thereafter contacted Senadhilankara’s Secretary, to whom he had explained the situation. She had requested him to write an email to her, explaining the situation and fortunately, she had understood the gravity of the situation and the files had been taken down 30 minutes later.
However, Suchetha has written that even afterwards his numerous attempts to contact Senadhilankara and explain to him that their site is insecure was not successful.
This incident ironically reflects on the sorry state of the lack of IT knowledge among those who administer manage government owned websites, despite the Rajapaksa regime’s aspirations of making Sri Lanka an IT hub. Against this backdrop, it is no wonder government sites are being constantly targeted by hacker groups.
The Oslo Forum And The Elephant In The room
Prof. Rajiva Wijesinha MP
I was privileged last month to attend the Oslo Forum, an annual gathering of those engaged in mediation and conflict resolution. I had been invited, along with Mr Sumanthiran, to debate on whether it was correct to talk to extremists. The concept paper referred in some detail to recent developments in Nigeria and Afghanistan, but we were in fact the only participants in the debate from a country which had recently been in grave danger from extremists. We were able however to benefit during the Forum in general from informed inputs from several delegates from countries now suffering from extremism, such as Nigeria and Syria and Yemen.
Our own debate was chaired by Tim Sebastian, and though it was generally accepted that I came off well, I told him afterwards that I was glad my Hard Talk interview had been not with him, but with Stephen Sackur. Interestingly, that interview still raises hackles amongst those who seem stuck in an extremist agenda, so I presume they are grateful to our government for no longer using the services of anyone who can engage effectively in Hard Talk. In turn I am grateful to the Centre for Humanitarian Dialogue, based in Switzerland, which organizes the Oslo Forum, and more recently to the Australian Broadcasting Corporation, for giving me a forum in which to argue the case for what the Sri Lankan government has achieved. Contrariwise, those now with the mandate to represent us internationally seem busily engaged in undoing that achievement day by day. Read More
