Ministry of Defence email blunder exposes personal data of Afghan interpreters
The personal email addresses of over 250 Afghan interpreters seeking relocation to the UK were mistakenly copied into an email with their email addresses visible in a data breach described by the Defence Secretary as "unacceptable".
Just a few days later, a second data breach by the Ministry of Defence ("MoD") emerged with the potential to further compromise the safety of Afghans. According to officials, this second email breach involved the email addresses of 55 Afghan people.
The first email was sent by the team in charge of the UK's Afghan Relocations and Assistance Policy. A follow-up email was sent by the MoD shortly afterwards warning the recipients of the compromise and requesting them to delete the original email and to change their email addresses. In the second breach, an email was sent to the recipients asking them to update their details due to difficulties faced by UK relocation officials in contacting them. The MoD has since apologised and has stated that it is offering extra support to those affected.
The ICO is currently making enquiries with the MoD as to how these data breaches occurred, and a spokesperson for the ICO has said that people expect their personal data to be "handled securely", which is particularly so in serious cases such as this.