"Central to the report, and the disaster in general, was the MoD's "inappropriate" casework system. At the time, it was relying on Excel spreadsheets stored in SharePoint to handle the trove of sensitive personal data of Afghan citizens who assisted British troops during the conflict. The report noted that this contributed to the incident, which leaked thousands of identities linked to Afghans who were due to be resettled for their own protection, and demanded the MoD confirm a new system is in place."
"In total, there were 49 separate data breaches that leaked these identities, the report noted. The first came in 2021, when 245 Afghan interpreters who assisted British forces had their details exposed in a CC-not-BCC email blunder, but the most significant came in February 2022, when around 19,000 Afghans who applied for the ARAP resettlement scheme were affected. This incident also leaked the identities of British spies and other officials, although on a much smaller scale,"
Three years after the 2022 Afghan data breach, the Ministry of Defence has not appropriately improved data protection mechanisms for the Afghan Relocations and Assistance Policy (ARAP). The Public Accounts Committee concluded that the MoD was aware of risky data-handling procedures and still lacks confidence that similar breaches can be prevented. The MoD relied on inadequate casework systems, including Excel spreadsheets stored on SharePoint, to handle sensitive personal data. Forty-nine separate data breaches exposed identities, most significantly in February 2022 when around 19,000 ARAP applicants were affected. The breaches also exposed the identities of British spies and officials, endangering those who assisted British troops.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]