The Guardian has revealed that personal information from job applicants at the Tate has been exposed online, compromising addresses, salaries, and phone numbers of examiners.
These extensive records, running hundreds of pages, were shared on a site not affiliated with the government-supported organization managing London’s Tate Modern, Tate Britain, Tate St Ives in Cornwall, and Tate Liverpool.
The leaked data encompasses details like the current employers and educational background of applicants related to the Tate’s Website Developer Search in October 2023, affecting 111 individuals. While names are undisclosed, referees’ phone numbers and personal email addresses might be included. It remains unclear how long this information has been available online.
Max Kohler, a 29-year-old software developer, learned his data had been compromised after one of his application reviewers received an email from an unfamiliar source who accessed the online data dump.
Kohler found that the breach contained his last paycheck, current employer’s name, other reviewers’ names, email addresses, home addresses, and extensive responses to job interview questions.
“I feel extremely disappointed and disheartened,” he stated. “You dedicate time filling out sensitive information like your previous salary and home address, yet they fail to secure it properly and allow it to be publicly accessible.”
“They should publicly address this issue, provide an apology, and clarify how this happened, along with actions to prevent future occurrences. It likely stems from inadequate staff training or procedural oversights.”
Reported incidents of data security breaches to the UK’s Information Commissioner’s Office (ICO) continue to rise. Over 2,000 incidents were reported quarterly in 2022, increasing to over 3,200 between April and June of this year.
Kate Brimstead, a partner at Shoesmith law firm and an authority on data privacy, information law, and cybersecurity, commented: “Breaches do not always have to be intentional. While ransomware attacks attract significant attention, the scale of current breaches is substantial.” Errors can often contribute to these incidents, highlighting the necessity for robust checks and procedures in daily operations. “Managing our data can be tedious, but it remains crucial,” she added.
The ICO emphasized that organizations must report a personal data breach to them within 72 hours of being aware, unless there is no risk to individuals’ rights and freedoms. If an organization decides not to report, they should maintain a record of the breach and justify their decision if needed.
A spokesperson for Tate stated: “We are meticulously reviewing all reports and investigating this issue. Thus far, we haven’t identified any breaches in our systems and will refrain from further comment while this issue is under investigation.”
quick guide
Contact us about this story
show
The integrity of public interest journalism relies on firsthand accounts from knowledgeable individuals.
If you have insights regarding this issue, please contact us confidentially using the methods listed below.
Secure messaging in the Guardian app
The Guardian app provides a way to share story tips. Messages sent via this feature are encrypted end-to-end and integrated within typical app functions, keeping your communication with us secure.
If you haven’t yet downloaded the Guardian app, you can find it on (iOS/Android) and select “Secure Messaging” from the menu.
SecureDrop, instant messaging, email, phone, and postal mail
If you can secure your use of the Tor network, you can send us messages and documents through our <a href=”https://www.theguardian.com/securedrop”>SecureDrop platform</a>.
Additionally, our guide located at <a href=”https://www.theguardian.com/tips”>theguardian.com/tips</a> lists several secure contact methods and discusses the advantages and disadvantages of each.
WAfter arriving in Bangkok from Nairobi last December, Duncan Okindo sensed something was amiss as he began his job as a customer service agent. The 26-year-old had previously sold cattle, borrowed funds from a friend, and used his savings to pay the recruitment agency 200,000 Kenyan Shillings (£1,150).
“I thought it was a positive step to leave [the country] and seek opportunities to support my family,” Okindo recalls.
Unfortunately, when a van collected Okindo and six other Kenyans at the airport, the driver took their passports and falsely informed Thai officials that they were tourists. After several hours of travel, they were taken to a boat to cross a river, confused and exhausted.
For the next three months, he was forced to send thousands of messages from fake social media accounts, posing as a wealthy American investor to defraud U.S. real estate agents through cryptocurrency scams.
When he failed to hit his daily targets, he faced beatings, confinement in a freezing room, and sometimes went without food for up to two days. He prayed for the safety of others who suffered at the hands of the Chinese gangsters operating the center, wishing they could avoid the electrocution and sexual torture he witnessed.
“It was hell on Earth,” says Okindo. “I felt completely shattered.”
Eventually, he was released from Myanmar’s KK Park, a compound reflecting the rising number of Kenyans, Ugandans, and Ethiopians trafficked to Southeast Asia as criminal organizations look to expand the East African labor pool.
KK Park is a rapidly growing fraud center located in Myawadi, along Myanmar’s border with Thailand. Photo: Jittrapon Kaicome/The Guardian
Since the 2021 coup in Myanmar, there’s been a surge in cyber slavery compounds, taking advantage of the country’s weakened governance and fostering illegal activities. The number of such centers along the Thai border has escalated from 11 to 26 in just four years.
Okindo considers himself fortunate. The mission to find and free trafficked individuals involves coordination among multiple governments, militias, and police forces. Thai officials have successfully promoted the release of thousands of trafficking victims, while East African governments are increasingly collaborating with Thai authorities willing to engage with Myanmar’s junta and militia forces at the border.
Victims can only be released into Thai custody if their home country agrees to take responsibility for their repatriation and the associated costs.
Since 2020, the Southeast Asian cyberslavery industry has ensnared hundreds of thousands, forcing individuals into what is colloquially termed “slaughtering the pigs,” a brutal way to build trust with scam targets before executing fraud. Initially aimed at Chinese and Taiwanese victims, the industry has expanded to Southeast Asians, Indians, and now, Africans.
“Sometimes I’m afraid to talk about it,” Okindo reflects. Photo: Provided by Duncan Okindo
This has led various human trafficking networks to search for recruits with English and technical skills, including East Africans. Estimates now suggest thousands are trapped in Southeast Asian compounds, according to Benedict Hoffman, a representative of the United Nations Office on Drugs and Crime in Southeast Asia and the Pacific.
As awareness grows among citizens in various countries, recruitment becomes increasingly challenging. “It’s much harder these days to enlist large numbers of individuals from India,” Hoffmann notes. “This is why we’re observing a rise in victims from Africa.”
Between January and April, the Kenyan government successfully repatriated 175 citizens from Myanmar; Roseline Njogu, the Director of the Diaspora Issues Department in Kenya’s State Department, noted that a substantial group of Kenyans, about 150 individuals trafficked from across Southeast Asia, was rescued between 2022 and 2024. This issue also extends to Ethiopia and Uganda.
Recruiters exploiting modern slavery are capitalizing on government migration promotion, targeting Kenya through online job advertisements, social media, texts, and in-person visits to rural areas, states Mutuk Nguri, CEO of the Counter Human Traffic Trust.
Chinese, Vietnamese, and Ethiopians rescued in Misawadi, Myanmar. They are recognized as victims of human trafficking at fraud centers. Photo: Thanaphon Wuttison/AP
The government acknowledges its precarious position, according to Nguri. The Kenyan Ministry of Foreign Affairs and Diaspora Issues did not respond to requests for comments.
Thailand has aided thousands, but repatriation presents its own challenges and costs. Thai officials must establish that workers are indeed victims of human trafficking before releasing them to their home countries.
When Susan Wahura* was rescued from a Myanmar romance scam operation in 2022, she spent a month moving between four Thai detention centers before realizing she was trafficked and initiating legal steps to obtain freedom.
“I spent time in a solitary cell before accepting my status as a trafficking victim which ultimately led to my freedom,” shares 32-year-old Wahura.
Neither Uganda nor Ethiopia maintain embassies in Thailand, complicating their ability to identify victims in Myanmar, currently engulfed in civil conflict. Earlier this year, several Ugandans and Ethiopians found themselves stranded at the Myanmar-Thai border as repatriation efforts stalled.
Duncan Okindo has created a TikTok video detailing his trafficking experiences in Myanmar, aiming to raise awareness about predatory agencies and bogus job offers. Photo: Carlos Mureithi/The Guardian
The fraud syndicate is exploiting vulnerabilities in East Africa’s diplomatic representation to deter victims from seeking help, asserts Jason Tower, a global initiative against transnational organized crime.
“Ultimately, that’s the objective of the scam syndicate—to transform individuals into profit-generating machines, acting as high-capacity con artists,” states Tower.
Nevertheless, despite repatriation efforts by East African nations, deceptive recruitment agencies keep advertising fake job opportunities. Both Okindo and Wahura continue to share guardian messages with Kenyans contemplating moves to Southeast Asia.
In May, Okindo, who holds a mass communication diploma, filed a lawsuit against the recruitment agency and its staff, accusing them of conscription into slavery and human trafficking. A Nairobi court has issued a temporary injunction preventing the overseas employment of labor.
Since his return, Okindo has spoken publicly about his experiences through television, TikTok, and other social media outlets, connecting stranded victims with legal support, aid organizations, and ambassadors for their recovery.
His aim is to raise awareness about malicious institutions and false job opportunities while encouraging victims to seek justice.
“I’ve enlightened many individuals,” he asserts. “Though I sometimes feel scared discussing it, I share my story, knowing that speaking out could help save others.”
Officials will employ artificial intelligence to assist in estimating the age of asylum seekers who claim to be minors.
Immigration Minister Angela Eagle stated on Tuesday that the government will pilot technology designed to assess a person’s age based on facial characteristics.
This initiative is the latest effort aimed at helping the Labor Minister leverage AI to address public service issues without incurring significant expenses.
The announcement coincided with the public release of a report by David Bolt, the Chief Inspector of Borders and Immigration. A crucial report indicated efforts to estimate the age of new arrivals.
Eagle mentioned in a formal statement to Parliament: “We believe the most economically feasible approach is likely to involve estimating age based on facial analysis. This technology can provide age estimates with known accuracy for individuals whose age is disputed or uncertain, drawing from millions of verifiable images.”
“In cases where it’s ambiguous whether the individual undergoing age assessment is over 18 or not claiming to be a minor, facial age estimation offers a potentially swift and straightforward method to validate judgments against the technology’s estimates.”
Eagle is launching a pilot program to evaluate the technology, aiming for its integration into official age verification processes by next year.
John Lewis announced earlier this year that it will be the first UK retailer to facilitate online knife sales using facial age estimation technology.
The Home Office has previously utilized AI in other sectors, such as identifying fraudulent marriages. However, this tool has faced criticism for disproportionately targeting specific nationalities.
Although there are concerns that AI tools may intensify biases in governmental decision-making, the minister is exploring additional applications. Science and Technology Secretary Peter Kyle announced a partnership with OpenAI, the organization behind ChatGPT, to investigate AI deployment in areas like justice, safety, and education.
Bolt expressed that the mental health of young asylum seekers has deteriorated due to failings in the age verification system, especially in Dover, where the influx of small boats is processed.
“Many concerns raised over the past decade regarding policy and practices remain unresolved,” Bolt cautioned, emphasizing that the challenging conditions at the Dover processing facility could hinder accurate age assessments.
He added: “I have heard accounts of young individuals who felt distrustful and disheartened in their encounters with Home Office officials, where hope has faded and their mental well-being is suffering.”
His remarks echo a report from the Refugee Council, indicating that at least 1,300 children have been mistakenly identified as adults over an 18-month period.
Last month, scholars from the London School of Economics and the University of Bedfordshire suggested that the Home Office should be stripped of its authority to make decisions regarding lonely asylum seekers.
When Ty passed a phone interview with a financial/banking company last month, they thought it would be nothing more than a quick chat with a recruiter. When Ty answers the phone, he assumes the recruiter named Jamie is a human. But things have become robotic.
“The voice sounded like Siri,” said Tai, 29, who lives in the D.C. metropolitan area. “It was creepy.”
Ty realized they weren’t talking to a living, breathing human being. Their interviewer was an AI system and had a tendency to be quite rude. Jamie asked Ty all the right questions – what is your management style? Are you suitable for this role? – But she wouldn’t let Ty answer completely.
“After disconnecting me, the AI responds, “Great!” Sounds good! perfection! ‘Move on to the next question,’ Tai said. “After the third or fourth question, the AI paused for a moment and said the interview was complete and someone from the team would contact me later.” (Ty said his current employer We asked that our last names not be used because we do not know that they are looking for work.)
a investigation Resume Builder, released last summer, found that by 2024, 4 in 10 companies will be using AI to “converse” with candidates during interviews. Of these companies, 15% said hiring decisions are made without any human input.
Laura Michelle Davis I have written From CNET: “Today, it’s not uncommon for applicants to be rejected by robots in human resources departments before they even connect with a real human.” To make the grueling hiring process even more discouraging, many are worried that generative AI, which uses datasets to create text, video, audio, images, and even robot recruiters, will completely take over our jobs.But can AI help us? search Any new gigs in the meantime?
This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
Strictly Necessary Cookies
Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.