In August 2023, the UK’s **Ministry of Defence (MoD)** suffered a **catastrophic data breach** exposing the personal details of **18,700 applicants** to the Afghan resettlement schemes, along with thousands of their family members. The leak, discovered after the 2021 fall of Kabul, forced the MoD to impose a **superinjunction on the UK press** and initiate an emergency evacuation of affected Afghans to prevent Taliban reprisals. The breach led to the creation of covert resettlement programs (**Afghan Response Route, ARR**) at an estimated cost of **£850 million**, though the **National Audit Office (NAO) questioned the accuracy** of this figure due to poor financial tracking. The MoD failed to segregate costs, blending them with broader Afghan resettlement spending, and later revised total projected expenses to **£5.5–6 billion** for all related schemes. The breach not only endangered lives but also triggered **legal, compensation, and operational chaos**, with the government initially planning to evacuate **42,000+ individuals** before scaling back. The incident exposed systemic failures in data protection, financial transparency, and crisis response, with long-term reputational and geopolitical consequences.
TPRM report: https://www.rankiteo.com/company/uk-ministry-of-defence
"id": "uk-506090325",
"linkid": "uk-ministry-of-defence",
"type": "Breach",
"date": "6/2021",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"{'affected_entities': [{'customers_affected': '18,700 applicants + family '
'members (total evacuations: '
'23,463 as of 2025-07)',
'industry': 'Defense/Public Sector',
'location': 'United Kingdom',
'name': 'UK Ministry of Defence (MoD)',
'type': 'Government Agency'},
{'customers_affected': '23,463 (evacuated or planned '
'for evacuation)',
'location': 'Afghanistan/UK',
'name': 'Afghan Resettlement Scheme Applicants',
'type': 'Individuals/Refugees'}],
'data_breach': {'data_exfiltration': 'Yes (details exposed externally)',
'number_of_records_exposed': '18,700+ (applicants) + unknown '
'(family members)',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'Extremely High (life-threatening risk '
'from Taliban reprisals)',
'type_of_data_compromised': 'Personal details (names, '
'locations, resettlement status) '
'of Afghan applicants and family '
'members'},
'date_detected': '2023-08',
'description': 'A catastrophic data breach at the UK Ministry of Defence '
'(MoD) in August 2023 exposed the personal details of ~18,700 '
'applicants to the UK’s Afghan resettlement schemes, along '
'with thousands of their family members. The breach triggered '
'a clandestine evacuation operation (Afghan Response Route, or '
'ARR) with estimated costs of £850m, though the MoD’s '
'accounting practices—driven by a superinjunction to protect '
'affected individuals—left spending records opaque. The total '
'forecasted cost of all Afghan resettlement activities '
'(2021–2029) is £2.074bn, with per-individual resettlement '
'costs estimated at £128,000 (£53,000 covered by MoD). The '
'breach led to legal uncertainties, compensation claims, and '
'operational challenges, including the use of existing '
'resettlement programs (Arap) as cover for evacuations.',
'impact': {'brand_reputation_impact': ['Criticism from Public Accounts '
'Committee over cost transparency',
'Questions about MoD’s accounting '
'practices and superinjunction '
'justification'],
'data_compromised': {'records_exposed': '18,700 applicants + '
'thousands of family '
'members',
'sensitivity': 'High (personal details of '
'at-risk Afghans)'},
'financial_loss': {'estimated_cost_ARR': '£850m (£400m spent, '
'£450m projected)',
'initial_ARP_estimate': '£6.27bn–£7.23bn (later '
'revised to '
'£5.5bn–£6bn)',
'legal_compensation_claims': 'Unknown (pending)',
'per_individual_cost': '£128,000 (£53,000 '
'MoD-covered)',
'total_resettlement_cost_2021_2029': '£2.074bn'},
'identity_theft_risk': 'High (Taliban reprisal threats against '
'exposed individuals)',
'legal_liabilities': ['Potential compensation claims from affected '
'individuals',
'High Court superinjunction (later lifted)',
'Regulatory scrutiny by National Audit '
'Office (NAO)'],
'operational_impact': ['Superinjunction imposed on UK press',
'Clandestine evacuation of 23,463+ '
'individuals (as of July 2025)',
"Use of Arap scheme as 'cover' for "
'breach-affected evacuations',
'Creation of new Afghanistan Response Route '
'(ARR) and Afghan Resettlement Programme '
'(ARP)',
'Reduction in ARP scope '
'post-superinjunction lift (from 42,000 to '
'36,000 targeted evacuations)']},
'investigation_status': 'Ongoing (NAO review; legal/financial uncertainties '
'remain)',
'lessons_learned': ['Need for transparent cost tracking in crisis-driven '
'operations',
'Challenges of balancing operational security '
'(superinjunction) with accountability',
'Risks of data breaches in high-stakes resettlement '
'programs'],
'post_incident_analysis': {'corrective_actions': ['Revised cost estimates for '
'ARR/ARP programs',
'Partial lifting of '
'superinjunction for '
'transparency',
'NAO-led review of '
'accounting practices'],
'root_causes': ['Inadequate data protection for '
'sensitive resettlement records',
'Lack of cost segregation for '
'emergency programs',
'Over-reliance on superinjunctions '
'for operational security']},
'recommendations': ['Improve segregation of emergency program costs in '
'accounting systems',
'Clarify legal frameworks for superinjunctions in data '
'breach responses',
'Enhance data protection measures for sensitive '
'refugee/resettlement data'],
'references': [{'date_accessed': '2025-07',
'source': 'National Audit Office (NAO) Report'},
{'source': "The Independent - 'MoD unable to calculate cost of "
"secret Afghan resettlement plan after data leak'"},
{'source': 'UK Parliament Public Accounts Committee Statement '
'(Sir Geoffrey Clifton-Brown)'}],
'regulatory_compliance': {'legal_actions': ['High Court superinjunction '
'(later lifted)',
'NAO investigation into cost '
'accounting'],
'regulatory_notifications': 'National Audit Office '
'(NAO) report (2025)'},
'response': {'communication_strategy': ['Limited transparency due to '
'superinjunction (lifted later)',
'NAO report (2025-07) detailing cost '
'uncertainties',
'Public statements by MoD and Public '
'Accounts Committee'],
'containment_measures': ['Superinjunction on UK press to prevent '
'Taliban reprisals',
'Use of existing Arap scheme as '
'operational cover'],
'incident_response_plan_activated': 'Yes (clandestine evacuation '
'via ARR/ARP)',
'recovery_measures': ['Establishment of Afghanistan Response '
'Route (ARR) and Afghan Resettlement '
'Programme (ARP)',
'Budget allocations via UK Spending '
'Review'],
'remediation_measures': ['Evacuation of affected individuals via '
'ARR/ARP',
'Reassessment of Arap eligibility for '
'breach victims']},
'stakeholder_advisories': ['MoD statements on cost transparency '
'post-superinjunction',
'Public Accounts Committee hearings'],
'title': 'UK Ministry of Defence (MoD) Afghan Data Leak and Resettlement '
'Response',
'type': ['Data Breach',
'Unauthorized Disclosure',
'Operational Security Failure']}