T4K3.news
MoD linked supplier breach exposes Afghan data
A cyber-attack affected up to 3,700 people connected to Afghan resettlement; investigations are ongoing and the government says there is no threat to safety.
A cyber-attack at Inflite The Jet Centre linked to the defence ministry exposed personal data of Afghans in a resettlement program.
MoD linked supplier breach exposes Afghan data
Inflite The Jet Centre Ltd, a private company that provides ground services for flights linked to the Defence Ministry and the Cabinet Office, said a data breach affected up to 3,700 people. The exposed data relates to individuals connected to the Afghan Relocations and Assistance Policy and those who travelled through London Stansted between January and March 2024. The incident appears limited to access to a subset of company emails, and the firm has notified the Information Commissioner’s Office and is working with the National Crime Agency and the National Cyber Security Centre.
The government says there is no threat to individuals’ safety and no breach of government systems. The incident is not believed to have involved data released on the dark web. The case echoes a 2022 breach that affected 18,714 Afghans who had worked with British forces, and a later apology from the defence secretary followed.
Key Takeaways
"We believe the scope of the incident was limited to email accounts only, however, as a precautionary measure, we have contacted our key stakeholders whose data may have been affected during the period of January to March 2024"
Inflite The Jet Centre statement on the breach
"We take data security extremely seriously and are going above and beyond our legal duties in informing all potentially affected individuals."
Government spokesperson on notification and safeguards
"The incident has not posed any threat to individuals’ safety, nor compromised any government systems."
Official government update on risk
Private contractors hold sensitive data, and this case shows how third party risk can touch humanitarian programs. It calls for clearer rules on data sharing and stronger oversight of suppliers used by defence ministries. Public confidence depends on timely transparency and accountability when data leaks happen. The episode also highlights the ongoing tension between rapid support for refugees and the need for tighter data protections across outsourced services.
Highlights
- Data privacy is not optional when lives are at stake
- Public trust hinges on how fast we fix third party risk
- Protecting Afghan data is a test of government accountability
- Private data must stay private when it involves refugees
Data privacy risk in MoD contractor breach
The incident highlights how outsourced defence work can expose sensitive information about refugees and civil servants. It raises questions about controls, notification timelines, and public accountability.
The lesson is to tighten controls while keeping humanitarian work moving.
Enjoyed this? Let your friends know!
Related News
MoD data breach affects Afghan resettlement records
Data breach reveals identities of UK spies and Afghan allies
Top civil servant of Defence Ministry steps down after Afghan data breach
Superinjunction against Afghan data breach lifted
UK creates Afghan relocation scheme after data breach
Allianz Life data breach affects 1.1 million customers
Data breach jeopardizes MI6 and SAS operatives
Afghan ARAP applicant faces risk after UK data leak
