Latest news with #InfliteTheJetCentre
The Guardian
13 hours ago
- The Guardian
Cyber-attack on MoD-linked contractor exposes data of Afghans in resettlement scheme
A contractor linked to the UK Ministry of Defence has been hit by a cyber-attack, exposing personal data linked to Afghan resettlement efforts. It is the latest in a series of breaches involving the private information of Afghan refugees. The breach at Inflite The Jet Centre Ltd, a company that provides ground services for flights linked to the UK's defence ministry and the Cabinet Office, has exposed the personal data of up to 3,700 people, including Afghans seeking refuge as part of the Afghan Relocations and Assistance Policy. All the individuals affected by the breach flew into London Stansted airport between January and March 2024. The leak may have also released the information of civil servants, soldiers on routine exercises and journalists. In a statement on its website, Inflite The Jet Centre Ltd confirmed that a data breach had occurred involving 'access to a limited number of company emails'. The company said the incident had been reported to the Information Commissioner's Office, and that it was working with the National Crime Agency and the National Cyber Security Centre on its investigation. 'We believe the scope of the incident was limited to email accounts only, however, as a precautionary measure, we have contacted our key stakeholders whose data may have been affected during the period of January to March 2024', the statement said. It isn't yet clear who carried out the cyber-attack on the company's databases but a message was sent to the affected people warning them of the breach. A government spokesperson said: 'We were recently notified that a third-party sub-contractor to a supplier experienced a cybersecurity incident involving unauthorised access to a small number of its emails that contained basic personal information. 'We take data security extremely seriously and are going above and beyond our legal duties in informing all potentially affected individuals. 'The incident has not posed any threat to individuals' safety, nor compromised any government systems.' The data is not believed to have been leaked to the dark web or made public. In February 2022, a separate breach by a defence official disclosedthe personal data of 18,714 Afghans who had worked with British forces. The UK high court granted a superinjunction to the Tory government in 2023 to suppress information related to the breach, for which the Labour defence secretary, John Healey, later issued an apology.
BBC News
a day ago
- Politics
- BBC News
Afghans resettled in UK affected by new MoD data breach
Thousands of Afghans brought to safety in the UK have had their personal data exposed, after a Ministry of Defence (MoD) sub-contractor suffered a data breach. The names, passport information and Afghan Relocations and Assistance Policy (Arap) details of up to 3,700 Afghans have potentially been affected after Inflite The Jet Centre, which provides ground-handling services for flights at London Stansted airport, suffered a cyber-security comes just a month after it was a revealed another major data breach in 2022 leaked the details of almost 19,000 people who had asked to come to the UK in order to flee the Taliban. The government said the incident "has not posed any threat to individuals' safety, nor compromised any government systems." There is currently no evidence to suggest that any data has been released Afghans affected are believed to have travelled to the UK between January and March 2024, under a resettlement scheme for those who worked with British troops. An email sent out by the Afghan resettlement team on Friday afternoon warned their families that personal information may have been exposed."This may include passport details (including name, date of birth, and passport number) and Afghan Relocations and Assistance Policy (Arap) reference numbers," it affected also include British military personnel and former Conservative government ministers, the BBC understands.A government spokesperson said: "We were recently notified that a third party sub-contractor to a supplier experienced a cyber security incident involving unauthorised access to a small number of its emails that contained basic personal information."We take data security extremely seriously and are going above and beyond our legal duties in informing all potentially affected individuals." Inflite The Jet Centre said in a statement it believes "the scope of the incident was limited to email accounts only" and has reported it to the Information Commissioner's Office (ICO). The BBC has contacted the ICO for comment. The incident follows a February 2022 incident in which the personal data of nearly 19,000 Afghans who had applied to move to the UK under the Arap scheme was mistakenly leaked by a British official, leading to thousands of Afghans being secretly relocated to the UK. The leaked spreadsheet contained the names, contact details and some family information of the people potentially at risk of harm from the Taliban. That incident was made public for the first time in July of this year.
The Independent
a day ago
- The Independent
Almost 4,000 afghans affected by new MoD data leak
A new data breach linked to the Ministry of Defence (MoD) has potentially exposed the personal details of up to 3,700 Afghans. The breach occurred at Inflite The Jet Centre Ltd, a sub-contractor providing ground handling services at London Stansted Airport, following a cybersecurity incident. Affected individuals include Afghans resettled in the UK after assisting British troops, as well as those who travelled for routine military exercises. Potentially leaked information includes passport details such as name, date of birth, passport number, and Afghan Relocations and Assistance Policy (ARAP) reference numbers. This incident marks another data loss following a previous breach that exposed details of 18,700 Afghan applicants, raising concerns about the MoD's handling of sensitive data.
.png%3Ftrim%3D0%2C0%2C0%2C0%26width%3D1200%26height%3D800%26crop%3D1200%3A800&w=3840&q=100)
The Independent
a day ago
- The Independent
Afghans brought to safety in UK have personal details leaked in fresh Ministry of Defence breach
The personal data of Afghans brought to safety in the UK has been breached yet again in another Ministry of Defence (MoD) cybersecurity incident. The breach affecting up to 3,700 people includes Afghans who were brought to the UK under the MoD's resettlement scheme for those who worked with British troops. The number also includes people who travelled for routine military exercises and official engagements. The breach came after Inflite The Jet Centre Ltd, a sub-contractor to an MoD supplier, which provides ground handling services for flights at London Stansted Airport, suffered a data loss. The incident affects contracts between the MoD, Inflite The Jet Centre, and the Cabinet Office. The latest leak comes after another catastrophic data loss, which exposed the details of 18,700 Afghan applicants to a UK resettlement scheme. This breach prompted a secret evacuation scheme and the use of an unprecedented superinjunction to keep the details secret for nearly two years. A notification, sent out by the Afghan resettlement team on Friday afternoon, warned families that their personal information may have been exposed. 'This may include passport details (including name, date of birth, and passport number) and Afghan Relocations and Assistance Policy (Arap) reference numbers,' the warning said. Afghan families, eligible for relocation, have been flown on flights chartered by the MoD from Pakistan to the UK as part of the ongoing evacuation scheme. There is currently no evidence to suggest that any data has been released publicly or on the dark web. A government spokesperson said: 'We were recently notified that a third-party subcontractor to a supplier experienced a cybersecurity incident involving unauthorised access to a small number of its emails that contained basic personal information. 'We take data security extremely seriously and are going above and beyond our legal duties in informing all potentially affected individuals. 'The incident has not posed any threat to individuals' safety, nor compromised any government systems.' In a statement published to Inflite The Jet Centre's website on 10 August it said the breach involved data from January and March 2024. 'We have reported the incident to the Information Commissioner's Office (ICO) and have been actively working with the relevant UK cyber authorities, including the National Crime Agency (NCA) and the National Cyber Security Centre (NCSC), to support our investigation and response', the company said. Inflite The Jet Centre said it believed the data loss was 'limited to email accounts only'. However, the MoD notice issued on Friday said further personal information had been breached because 'certain information is required by ground-handling companies to enable flights to depart and to arrive'. Inflite The Jet Centre has been contacted for comment.
