E-mail leaks for hundreds of LeaveHomeSafe enquiries

The government’s IT office said staff employed by a contractor had accidentally leaked hundreds of e-mails from people asking them about the LeaveHomeSafe app.

Apple Daily reported on Sunday that more than 400 emails were sent to one of those who offered opinion through the government hotline, 1823, on the app that helps with Covid-19 contact tracing.

The Office of the Government’s Chief Information Office (OGCIO) said the leak took place on 23 May, and it’s launched an immediate probe.

“The office immediately notified the Privacy Commissioner for Personal Data and asked for its advice, and offered apologies through separate e-mails to each of those affected the next day,” it said in response to media enquiries.

The office said a warning letter was given to the contractor, and it’s asked the relevant staff to be transferred to another role.

Meanwhile, OGCIO also warned that it’s a criminal offence for people to use fake vaccination records or records for other people.

This came after the Oriental Daily reported of potential for abuse because app users could scan other people’s records.

The office stressed that the app doesn’t verify the identity of those who store the records, and only verifies whether the relevant QR code is genuine.

It didn’t respond to questions on whether it would modify the app to include a function to verify the users’ identity to match vaccination records.