The UK’s Ministry of Defence (MoD) reportedly suffers another data breach that has exposing details of more Afghan citizens who may be at risk of reprisals from Taliban forces.
The government department was forced to apologize earlier this week for sending an email which exposed the data of more than 250 Afghan interpreters who worked for British forces during the allied occupation of the country. The data included email addresses, names and LinkedIn profile Images. This has made them possible targets of reprisals from the Taliban, who took control recently of Afghanistan after 20 years of being ousted by the British and US forces.
Another data breach involving Afghan citizens has been uncovered by the BBC who revealed MoD sent an email that mistakenly copied dozens of people. This revealed email addresses and some names of 55 Afghans, including those from the Afghan National Army
The email informed the recipients that UK relocation officials had been unable to contact them and requested updated details.
The MoD has apologized for the latest breach and said it was offering extra support to those affected. A department spokeswoman was quoted as saying: “We have been made aware of a data breach that occurred earlier this month by the Afghan Relocation and Assistance Policy (Arap) team.
Apologies have been made by the MoD for the latest breach saying it was offering extra support to those affected. A department spokeswoman was quoted as saying: “We have been made aware of a data breach that occurred earlier this month by the Afghan Relocation and Assistance Policy (Arap) team.
“This week, the defence secretary instigated an investigation into data handling within that team.
“Steps have now been taken to ensure this does not happen in the future.”
Commenting on the story, Wouter Klinkhamer, CEO at Zivver, said: “The Afghanistan/MoD data leak news is a stark reality of what can happen when digital communications are not safeguarded. This is an extreme example, of course, where the data breach is potentially life-threatening. Still, all business leaders need to sit back and review how sensitive information is being shared and what support their workforce has to communicate securely. Commonly, incidents such as this result from human error (verified by the UK’s ICO) — an employee inadvertently selecting ‘Cc’ instead of ‘Bcc’ before sending the email. However, we’re all human, we all make mistakes — organizations need to focus on how they can empower their individuals to be able to share information securely when they need, with confidence and with ease to avoid a potentially damaging situation.”