A cyber-attack targeted **Inflite The Jet Centre Ltd**, a UK Ministry of Defence (MoD) contractor providing ground services for flights tied to the Afghan Relocations and Assistance Policy (ARAP). The breach exposed **personal data of up to 3,700 individuals**, including Afghan refugees, civil servants, soldiers, and journalists who transited through London Stansted Airport between **January and March 2024**. The incident involved **unauthorized access to a limited number of company emails**, potentially containing sensitive personal information.The company reported the breach to the **Information Commissioner’s Office (ICO)** and is collaborating with the **National Crime Agency (NCA)** and **National Cyber Security Centre (NCSC)** for investigations. While the data is **not confirmed to be leaked on the dark web or public**, affected individuals were notified as a precaution. The UK government stated that the breach **did not threaten individuals’ safety or compromise government systems**, though it marks another in a series of data exposures involving Afghan refugees.The attack’s scope was confined to email accounts, but the exposure of **refugee and personnel data** raises concerns over operational security and trust in third-party contractors handling sensitive MoD-linked information.
TPRM report: https://www.rankiteo.com/company/inflite-the-jet-centre-limited
"id": "inf830081625",
"linkid": "inflite-the-jet-centre-limited",
"type": "Breach",
"date": "3/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '3,700 individuals (Afghan '
'refugees, civil servants, '
'soldiers, journalists)',
'industry': ['Aviation',
'Defence Logistics',
'Ground Services'],
'location': 'London Stansted Airport, UK',
'name': 'Inflite The Jet Centre Ltd',
'type': 'Private Company (Contractor)'},
{'industry': 'Defence',
'location': 'UK',
'name': 'UK Ministry of Defence (MoD)',
'type': 'Government Department'},
{'industry': 'Government Administration',
'location': 'UK',
'name': 'UK Cabinet Office',
'type': 'Government Department'}],
'attack_vector': ['Email Compromise', 'Phishing (suspected)'],
'customer_advisories': ['Affected individuals warned of the breach via direct '
'communication'],
'data_breach': {'data_exfiltration': ['Unconfirmed (no evidence of data being '
'leaked or sold)'],
'file_types_exposed': ['Emails'],
'number_of_records_exposed': 'Up to 3,700',
'personally_identifiable_information': True,
'sensitivity_of_data': ['Moderate (personal but not highly '
'sensitive financial or classified '
'data)'],
'type_of_data_compromised': ['Basic personal information '
'(names, contact details, travel '
'records)',
'Email correspondence']},
'description': 'A cyber-attack on Inflite The Jet Centre Ltd, a contractor '
'for the UK Ministry of Defence (MoD) and Cabinet Office, '
'exposed personal data of up to 3,700 individuals, including '
'Afghan refugees under the Afghan Relocations and Assistance '
'Policy (ARAP). The breach occurred between January and March '
'2024 and involved unauthorized access to a limited number of '
'company emails. Affected individuals include Afghans seeking '
'refuge, civil servants, soldiers on routine exercises, and '
'journalists. The incident was reported to the Information '
'Commissioner’s Office (ICO), and investigations are ongoing '
'with the National Crime Agency (NCA) and the National Cyber '
'Security Centre (NCSC). The data is not believed to have been '
'leaked to the dark web or made public.',
'impact': {'brand_reputation_impact': ['Potential reputational damage to '
'Inflite The Jet Centre Ltd and UK MoD '
'due to repeated breaches involving '
'Afghan refugee data'],
'data_compromised': ['Personal data of up to 3,700 individuals '
'(Afghan refugees, civil servants, soldiers, '
'journalists)',
'Basic personal information from emails'],
'identity_theft_risk': ['Low (no evidence of data being leaked or '
'misused)'],
'legal_liabilities': ['Potential legal repercussions under UK data '
'protection laws (e.g., GDPR)'],
'systems_affected': ['Email accounts']},
'initial_access_broker': {'entry_point': ['Compromised email accounts'],
'high_value_targets': ['Afghan refugees under ARAP, '
'civil servants, military '
'personnel']},
'investigation_status': 'Ongoing (with NCA and NCSC)',
'references': [{'source': 'Inflite The Jet Centre Ltd Statement'},
{'source': 'UK Government Spokesperson Statement'},
{'source': 'The Guardian (February 2022 breach reference)',
'url': 'https://www.theguardian.com/uk-news/2022/feb/07/uk-data-breach-afghan-interpreters-taliban-risk'}],
'regulatory_compliance': {'regulations_violated': ['Potential violation of UK '
'GDPR and Data Protection '
'Act 2018'],
'regulatory_notifications': ['Reported to the '
'Information '
'Commissioner’s Office '
'(ICO)']},
'response': {'communication_strategy': ['Public statement on company website',
'Direct notification to affected '
'individuals',
'Government spokesperson statement'],
'containment_measures': ['Limited scope to email accounts',
'Precautionary contact with '
'stakeholders'],
'incident_response_plan_activated': True,
'law_enforcement_notified': True,
'third_party_assistance': ['National Crime Agency (NCA)',
'National Cyber Security Centre '
'(NCSC)']},
'stakeholder_advisories': ['Precautionary notifications sent to key '
'stakeholders (January–March 2024)'],
'title': 'Cyber-Attack on UK MoD Contractor Exposes Personal Data of Afghan '
'Refugees and Others',
'type': ['Data Breach', 'Unauthorized Access']}