UK MoD Staff Warned Against Sharing Data Prior to Major Afghan Leak

Mon Oct 20 2025 09:22:15 GMT+0300 (Eastern European Summer Time)

The UK Ministry of Defence (MoD) had prior warnings against sharing sensitive information, which was later leaked, affecting approximately 19,000 Afghan applicants to relocate to the UK.

Documents revealed that the Ministry of Defence staff were advised not to disseminate information containing hidden tabs before a significant data leak occurred, which exposed the details of nearly 19,000 individuals seeking refuge in the UK. Concerns about the handling of this data breach have been raised by the Information Commissioner's Office, emphasizing the need for improved data security measures within the MoD.

The Ministry of Defence (MoD) staff were alerted prior to the Afghan data leak not to share information that contained hidden tabs, as outlined in documents released by the UK's Information Commissioner’s Office (ICO).

Recently, it was disclosed that details of almost 19,000 individuals who applied to move to the UK were compromised due to an official sending an email with a spreadsheet containing sensitive information in a hidden tab.

In these documents, ICO staff explicitly noted concerns about the lack of a fine imposed on the MoD for this major breach. The ICO highlighted that the MoD had been aware of the risks regarding data sharing and the importance of removing hidden data from records.

Despite the MoD's efforts to enhance data security, ICO representatives stated that government actions remain insufficient to prevent similar circumstances in the future.

The ramifications of this leak, which contributed to an emergency resettlement initiative for those facing threats from the Taliban, are predicted to cost the government around £850 million.

A super-injunction granted in September 2023 shielded the incident from public knowledge for almost two years, only to be lifted last month.

In response to the breach, the MoD claimed they took active measures to retrieve and erase the leaked data.

Moreover, attempts to assess the situation and whether further investigations were warranted included undisclosed deliberations among ICO staff, reflecting a collective worry about the potential reputational consequences of not acting against the MoD.

Overall, the documents reveal a concerning trend of data breaches and raise critical questions about data management and accountability within UK government departments.