Afghan resettlement plan data is exposed via a cyberattack on a contractor connected to the MoD
News Mania Desk / Piyal Chatterjee / 16th August 2025
Personal information connected to Afghan resettlement initiatives was made public by a cyberattack on a contractor associated with the UK Ministry of Defence. It is the most recent in a string of security lapses affecting Afghan refugees’ personal data.
The Inflite breach Up to 3,700 people’s personal information, including that of Afghans seeking asylum under the Afghan Relocations and Assistance Policy, was made public by Jet Centre Ltd., a company that offers ground services for flights connected to the UK’s defense ministry and the Cabinet Office.
Between January and March 2024, every person impacted by the hack entered London Stansted airport.
The leak may have also revealed the details of civil servants, military on routine exercises and journalists. In a statement on its website, Inflite The Jet Centre Ltd revealed that a data breach had occurred involving “access to a limited number of company emails”.
The business stated that the Information Commissioner’s Office had been notified of the occurrence and that it was conducting an investigation in collaboration with the National Cyber Security Center and the National Crime Agency.
“We believe the scope of the incident was limited to email accounts only, however, as a precautionary measure, we have contacted our key stakeholders whose data may have been affected during the period of January to March 2024”, the statement said.
It isn’t yet clear who carried out the cyber-attack on the company’s databases but a message was sent to the affected people warning them of the breach.
A government spokesperson said: “We were recently notified that a third-party sub-contractor to a supplier experienced a cybersecurity incident involving unauthorised access to a small number of its emails that contained basic personal information.
“We take data security extremely seriously and are going above and beyond our legal duties in informing all potentially affected individuals.
“The incident has not posed any threat to individuals’ safety, nor compromised any government systems.”
It is not thought that the information was made public or leaked to the dark web. The personal information of 18,714 Afghans who had collaborated with British soldiers was made public in February 2022 due to a separate breach committed by a defense official. In 2023, the Conservative administration was given a superinjunction by the UK high court to suppress facts pertaining to the breach. John Healey, the Labour defense secretary, later apologized for the breach.
