Second data breach exposes information of thousands of Afghan refugees and UK officials
Learn More
The Ministry of Defence's sub-contractor Inflite The Jet Centre Limited reports a data breach that compromised the personal information of up to 3,700 individuals, including Afghan nationals who were resettled in the UK under the Afghan Relocations and Assistance Policy (ARAP) scheme.
Inflite The Jet Centre, based at London Stansted Airport, provides ground-handling services for flights operated under contracts involving the Ministry of Defence and Cabinet Office. These flights were used to bring Afghan nationals to the UK as part of resettlement schemes for those who worked alongside British forces.
The company has stated that it believes the scope of the incident was limited to breached email accounts. The Ministry of Defence noted that additional personal information may have been compromised since ground-handling companies require certain details to enable flight departures and arrivals.
The breach represents the second major data compromise affecting Afghan refugees within just over two years.
The exposed data includes:
- Names
- Passport details (including names, dates of birth, and passport numbers)
- Afghan Relocations and Assistance Policy (ARAP) reference numbers
- Visa details
- Employment information
This incident follows a February 2022 data breach in which a British defence official mistakenly leaked the personal details of 18,714 Afghan applicants to the UK resettlement scheme.
The affected individuals were notified on through emails sent by the Afghan resettlement team. The government maintains that the incident "has not posed any threat to individuals' safety, nor compromised any government systems."
Inflite The Jet Centre has reported the incident to the Information Commissioner's Office and is working with relevant UK cyber authorities, to support the investigation and response.
