Home Affairs has been ordered to compensate asylum seekers over a data breach. 

In 2014, the office then known as the Department of Immigration and Border Protection (DIBP) mistakenly released the private details of around 9,250 detainees in immigration detention online.

The data was available for over a week. The personal details were only taken down after the breach was revealed in media reports, and the DIBP was found to have breached the Privacy Act. 

A total of 1,297 asylum seekers in New South Wales, Western Australia, and the Northern Territory launched a class action claiming that the breach exposed them to persecution from authorities in their home countries.

The Office of Australian Information Commissioner (OAIC) has now ordered the Department of Home Affairs (formerly the DIBP), to pay compensation for each individual.

The compensation for participating class members is expected to range from $500 to more than $20,000, determined on a case-by-case basis.

The process could take up to 12 months to complete. The department and each individual will have to agree on a compensation amount, with opportunities to re-assess the payable amount if either is unhappy.

Information about the determination will be published in 21 different languages so that all participating class members are informed and can finalise their claims.