Add thelocalreport.in As A Trusted Source
a devastating Ministry of Defence (MOD) data breach It exposed details of thousands of Afghans potentially seeking asylum in the UK Putting the lives of 100,000 people at risk – It could happen again, MPs warn.
A cross-party group of MPs investigating government spending published a damning report into the Defense Ministry on Friday. Violation response.
Public Accounts Committee (PAC) Found that the department failed to learn from multiple data breaches over consecutive years and that the Ministry of Defense had inadequate systems and controls. Manage personal data.
The February 2022 breach occurred when a spreadsheet containing 33,000 lines of data was emailed to someone outside the government. It was discovered in August 2023, when parts of the database appeared in a Facebook group. This prompted the government to use an unprecedented mandate to prevent reporting and launch a massive clandestine clearance program.
For almost two years, media organizations, including IndependentThe secret court hearing demanded an investigation into the actions of the Defense Ministry. The PAC report reveals that despite promising billions of pounds of taxpayers’ money to fund a secret withdrawal scheme behind closed doors, the Ministry of Defense failed to tell the National Audit Office (NAO) what had happened.
The report said an audit director of the NAO was told by the Defense Ministry that the data related to the breach was a confidential matter that could not be shared. They were not told any details about the operational consequences, the number of people affected or the potential costs. The Director was also told that he could not give this information to anyone else in the expenditure monitoring body.
At one point in October 2024, ministers signed A £7bn plan to move around 36,000 people to the UK, Most of which were affected by the data breach.
On the failures that led to the data breach, Mr. Geoffrey Clifton-Brown MP, chairman of the PAC, said: “The MOD knew what it was doing – it knew the risks of using inadequate systems to handle sensitive personal information because of the deteriorating security environment in Afghanistan.”
He added: “We have no confidence in the current ability of the Ministry of Defense to prevent an incident of this nature from happening again.”
Sir Geoffrey said: “The clearly anarchic decision to tell even a single director within the NAO, without informing the leadership of the NAO, that there was a confidential matter that could not be shared is emblematic of the quality of the Ministry of Defence’s decision-making.
“The outgoing Permanent Secretary of the MOD told our inquiry that this period of secrecy about how taxpayers’ money was being spent was ‘extremely uncomfortable’ for him. This is as it should be, and we’re glad to hear it – but elected representatives being prevented from holding the government to account is not nearly enough, and they should never have been put in this position by their minister.”
An independent caseworker, who was the first to alert the government about data loss in 2023, said the committee’s report was “encouraging”.
“This shows that there has been a continued and sustained priority to limit the MoD’s accountability when it comes to the 2022 data breach. Thousands of people in Afghanistan are still at risk and yet the evacuation route is currently halted,” he said.
“The MOD is saying they face significant challenges to resettlement, meaning Afghans who risked their lives for Britain are having to live in hiding for a fifth year, waiting to see if the UK will finally honor our promise to move heaven and earth to get them out.
“It is clear that the committee is concerned that further violations may occur – a concern that I share because it appears that lessons have not been learned.”
Afghan security forces are They are still being hunted, tortured and killed by the Taliban, with the killing of more than 100 former Afghan forces in the country by 2023, recent research by Lighthouse reports and Independent found.
An MoD spokesperson said: “The data incident should never have happened under the previous government in 2022 and while the committee accepts that practices have improved, we are continuing to make changes and improvements to data management across the department, such as introducing a dedicated, secure casework system for Afghan resettlement.
“This government lifted the ordinance in July so that the public and Parliament can properly scrutinize it.”
The spokesperson claimed that “the overall financial cost has never been concealed”, adding that the government published the costs of all Afghan resettlement plans in its 2024 spending audit.
MPs highlighted that the Defense Ministry could not accurately identify or account for the cost of resettlement of thousands of Afghans as a result of the breach. Although the department said the total cost was around £850 million, the NAO said it did not have confidence in the accuracy or completeness of that estimate.
The committee has asked the Ministry of Defense to provide an update on how many people have arrived in the UK as a result of the breach, and to confirm that a new caseworking system to handle Afghan applications will prevent a repeat of the February 2022 breach.
The Ministry of Defense believes an estimated 27,278 people affected by the data breach could be resettled in the UK. However, the report said only 3,383 people have reached Britain under the scheme for those affected by the leak.
The PAC report said the Ministry of Defense estimates it will take a few years to safely bring everyone eligible to come to the UK.
The lack of oversight over the Defense Ministry’s response to the Afghan data breach has led people at the “highest levels within the government” to propose a parliamentary oversight committee that would look at more sensitive aspects of defense operations such as maintaining the nuclear deterrent. MPs said the proposal was “moving too slowly”.