Home / Latest / UK Defense Ministry fined £350,000 for Afghan evacuation data breach

UK Defense Ministry fined £350,000 for Afghan evacuation data breach

admin December 13, 2023 Latest, Latest Updates, Miscellaneous, Nation Comments Off on UK Defense Ministry fined £350,000 for Afghan evacuation data breach 196 Views

AT News

KABUL – The United Kingdom’s Ministry of Defence (MoD) faces a hefty £350,000 fine imposed by the Information Commissioner’s Office (ICO) for a severe data breach related to the evacuation of individuals from Afghanistan.

The breach occurred in the aftermath of the Taliban’s takeover of Afghanistan in 2021 when the MoD sent an email to a distribution list of Afghan nationals eligible for evacuation. However, a critical oversight led to the exposure of personal data as the email addresses were visible to all recipients, inadvertently revealing information concerning 245 individuals.

Of particular concern, 55 people had thumbnail pictures on their email profiles, and two individuals ‘replied all,’ one of whom disclosed their location. Under UK data protection law, organizations are mandated to implement appropriate technical and organizational measures to prevent the inappropriate disclosure of personal information. The ICO emphasizes the use of bulk email services, mail merge, or secure data transfer services for transmitting sensitive personal information electronically.

The ICO termed the breach as “deeply regrettable” and asserted that it breached the security obligations owed to those vulnerable individuals, warranting the substantial financial penalty. Information Commissioner John Edwards stated, “When the level of risk and harm to people heightens, so must the response.”

The email, sent by the team managing the UK’s Afghan Relocations and Assistance Policy, lacked specific guidance on the security risks associated with sending group emails containing sensitive information. The ICO highlighted that, if the data had fallen into the hands of the Taliban, it could have posed a serious threat to life.

In response to the breach, the MoD took corrective actions, including contacting affected individuals to delete the email, change their email addresses, and provide new contact details through a secure form. An internal investigation was conducted, a statement was made in Parliament, and email policies and processes were updated, ensuring that every email undergoes a second review before transmission.

Top of Form

About admin

Check Also

Afghanistan Out of AFC Futsal Asian Cup After Close Quarterfinal Loss to Tajikistan

AT Kabul: Afghanistan’s national futsal team suffered a narrow defeat in the quarterfinals of the …

© Copyright 2024, All Rights Reserved
http://103.49.239.135/ http://103.59.94.85/ https://167.71.197.55/ https://143.198.221.187/ https://159.65.12.146/ https://188.166.196.238/ http://68.183.96.87/ http://147.182.210.122/ http://147.182.128.234/ http://167.172.1.184/ http://157.245.5.74/ http://139.59.217.59/ http://163.47.9.16/ http://144.126.251.215/ http://139.59.217.128/ http://103.186.0.254/ http://161.35.251.176/ http://157.245.29.71/ https://170.64.254.102/ https://www.markas303.ac.id/ https://www.markas303.or.id/ https://www.markas303.sch.id/ http://103.172.205.75/ http://103.245.38.119/ http://138.197.224.231/ http://138.197.224.231/