A serious data breach by the UK Ministry of Defence has exposed the email addresses of Afghan interpreters who worked with British forces, potentially putting their lives at risk. The blunder occurred when officials failed to use the 'Bcc' (blind carbon copy) function in an email, revealing the details of all recipients to each other.
The email was sent to over 250 Afghans who are eligible for relocation to the UK under the Afghan Relocations and Assistance Policy (ARAP). Many of them are still in hiding from the Taliban, and the exposure of their contact information represents a significant security threat.
A Catastrophic Error with Grave Consequences
One affected interpreter, who remains in Afghanistan, expressed his terror to the BBC, stating the revelation felt like a "death sentence". The email was intended to gather updated information from those approved for relocation.
Instead of protecting their identities, the MoD's mistake meant that every recipient could see the full list of email addresses. This could allow the Taliban to identify and target these individuals and their families.
Official Response and Apology
The Ministry of Defence has acknowledged the "unacceptable" error and issued a formal apology. An urgent investigation has been launched to understand how the breach occurred and to prevent a repeat incident.
"We apologise to everyone impacted and are supporting them through our dedicated enquiry centre and offering advice on how to manage any potential risks,” an MoD spokesman said.
The breach was immediately reported to the Information Commissioner's Office (ICO), the UK's data watchdog, which has the power to levy significant fines for such violations of data protection law.
A Pattern of Concerns
This incident is not isolated. It follows previous warnings and complaints about the administration of the ARAP scheme, which has been criticised by MPs and veterans' groups for being too slow and bureaucratic, leaving many former staff in extreme danger.
The government has promised to learn lessons from this profound mistake, but for the interpreters affected, the damage to their sense of security may already be done.
