Overview
- A third-party subcontractor, Inflite The Jet Centre, reported on August 10 that unauthorised access to emails held between January and March 2024 may have exposed personal data for about 3,700 individuals.
- The MoD warning says compromised information could include names, dates of birth, passport numbers and Afghan Relocations and Assistance Policy reference numbers for evacuees, military personnel and some former ministers.
- Inflite has informed the Information Commissioner’s Office and is cooperating with the National Crime Agency and National Cyber Security Centre, while the MoD stresses core government systems were not breached.
- So far there is no evidence that the stolen data has been published publicly or on the dark web, but concerns over potential reprisals against Afghan allies have resurfaced.
- The latest incident highlights ongoing vulnerabilities in the MoD’s contractor network and has fuelled legal claims, compensation planning and calls for tighter oversight by Parliament.