Second UK data breach exposes details of more imperilled Afghans

The latest defence ministry blunder follows another breach reported earlier this week which critics said put Afghan lives at risk.

The UK said during its exit from Afghanistan last month that not everyone eligible for relocation would be successfully evacuated before forces departed, and has since committed to helping those left behind exit the country [File: Josh Smith/Reuters]

A second data breach by Britain’s Ministry of Defence (MoD) has exposed the email addresses of dozens more Afghans who may be eligible for relocation in the United Kingdom, potentially risking their safety.

The latest blunder saw MoD officials mistakenly copy 55 people into an email, making their details visible to all recipients, the BBC reported on Thursday.

The individuals – at least one of whom was a member of the Afghan National Army – were reportedly asked to update their details because UK relocation officials had been unable to contact them.

A spokesperson for the MoD told Al Jazeera the department was “aware” of the error, which took place earlier this month, by its Afghan Relocations and Assistance Policy (ARAP) team.

“Steps have now been taken to ensure this does not happen in the future. We apologise to those affected and extra support is being offered to them,” the spokesperson said.

“This week, the defence secretary instigated an investigation into data handling within that team.”

Separate breach

The first data breach, revealed on Tuesday, saw the email addresses of Afghan interpreters who worked with British forces mistakenly shared by the MoD.

That error saw more than 250 people – some of whom are hiding from the Taliban following its takeover in Afghanistan – copied into an email by the ARAP team pledging assistance with their relocation to the UK.

Some of the addresses showed people’s names and associated profile pictures, with one interpreter warning the mistake could “cost lives”.

In the email, British officials told the interpreters that the MoD was doing everything it could to help them reach the UK, but warned they should not risk leaving their current location if it was unsafe to do so.

Following the error, officials reportedly sent another message 30 minutes later advising the recipients to change their email addresses.

Defence Secretary Ben Wallace said the mistake was “unacceptable” and announced one official had been suspended pending the outcome of an investigation into the incident.

He told parliament on Tuesday that processes for “data handling and correspondence processing” had already been changed following the incident.

Wallace was not aware of the second MoD breach when he made those remarks, the BBC reported on Thursday, citing defence sources.

Source: Al Jazeera and news agencies