A UK defense contractor has suffered a cyberattack that compromised personal data related to Afghan resettlement efforts. This marks the latest in a string of security breaches involving Afghan refugees’ private information.
The breach occurred at Inflite The Jet Centre Ltd, a company handling ground services for flights connected to the UK Ministry of Defence and Cabinet Office. It exposed details of up to 3,700 people, including Afghans seeking refuge under the Afghan Relocations and Assistance Policy. Those affected had flown into London Stansted Airport between January and March 2024.
The leaked data may also include information on civil servants, military personnel on routine exercises, and journalists.
Inflite The Jet Centre Ltd confirmed the breach on its website, stating that unauthorized access had been gained to “a limited number of company emails.” The company reported the incident to the Information Commissioner’s Office and is cooperating with the National Crime Agency and National Cyber Security Centre in their investigation.
“We believe the breach was confined to email accounts, but as a precaution, we’ve notified key stakeholders whose data may have been exposed between January and March 2024,” the company said.
The identity of the hackers remains unknown, but affected individuals have been alerted.
A government spokesperson said: “We were informed that a subcontractor experienced a cybersecurity incident involving unauthorized access to a small number of emails containing basic personal data. We take data security very seriously and are going beyond legal requirements to notify those potentially affected. The incident poses no safety risk and did not compromise government systems.”
There is no evidence the data has been leaked to the dark web or made public.
This follows a previous breach in February 2022, when a defense official exposed the personal details of 18,714 Afghans who had worked with British forces. The UK High Court later issued a superinjunction to suppress details of that breach, for which Labour’s defense secretary, John Healey, later apologized.
FAQS
### **FAQs: Ministry of Defence Contractor Cyber Attack**
#### **Basic Questions**
**1. What happened in the Ministry of Defence contractor cyber attack?**
A contractor working with the UK Ministry of Defence was hacked, exposing personal data of Afghan nationals who applied for resettlement in the UK.
**2. Who was affected by this data breach?**
Afghan applicants to UK resettlement schemes had their names, contact details, and possibly other sensitive information exposed.
**3. What is ARAP?**
The **Afghan Relocations and Assistance Policy** helps Afghans who worked with the UK government relocate safely to the UK.
**4. How did the breach happen?**
A cyber attack targeted an external IT system used by a MoD contractor, allowing hackers to access stored data.
**5. Has the MoD confirmed the breach?**
Yes, the MoD has acknowledged the incident and is investigating.
—
#### **Intermediate Questions**
**6. What kind of data was leaked?**
Names, email addresses, phone numbers, and possibly some passport or ID details of applicants.
**7. Was financial or highly sensitive data exposed?**
The MoD has not confirmed financial data was stolen, but personal identification details may have been compromised.
**8. What should affected individuals do now?**
– Monitor for suspicious emails or calls.
– Report any suspicious activity to UK authorities.
– Await official guidance from the MoD on next steps.
**9. Has the contractor been named?**
Not yet publicly confirmed, but investigations are ongoing.
**10. Are other UK government systems at risk?**
The MoD says this was an isolated incident with a third-party contractor, not a direct breach of MoD systems.
—
#### **Advanced Questions**
**11. Could this breach endanger Afghan applicants still in Afghanistan?**
Potentially, yes. If Taliban-linked hackers accessed the data, applicants could face retaliation. The UK government is assessing risks.
**12. What cybersecurity measures failed here?**
Likely weak security protocols in the contractor’s IT systems, such as poor encryption, lack of multi-factor authentication, or unpatched vulnerabilities.
