Could lives have been lost in the Afghan MoD data breach?

The UK government has finally admitted that the Ministry of Defence (MoD) made one of the most damaging data breaches in recent history. Nearly 19,000 Afghans who supported British forces had their personal details exposed, leaving them and their families at risk of Taliban reprisals. 

Three years later, the full story is only now coming to light. Here’s what happened, why it matters, and what’s being done (or not done) to put things right. 

What happened in the MOD Afghan data breach?

In February 2022, a MoD official mistakenly sent an email containing the names and contact details of Afghans applying to move to the UK under a relocation programme for those who worked with British forces. 

The breach included details of interpreters, soldiers, and even special forces operatives, along with some family members. 

The error wasn’t made public at the time. Instead, the leak came to light in August 2023 when parts of the data appeared on Facebook. The government applied for an injunction, later converted into a super-injunction, preventing any reporting of the breach. 

Only in July 2025, over three years later, was the super-injunction lifted, allowing the press to report the full story. 

Could lives have been lost?

Defence Secretary John Healey has admitted he is unable to say for sure whether anyone was killed because of the breach. While the MoD claims it is highly unlikely the risk of Taliban targeting has increased, families in Afghanistan feel differently. 

One woman whose father’s details were leaked told the media her family “panicked” when they learned about the breach, fearing Taliban retaliation. Her grandmother, still in Afghanistan, remains “completely vulnerable”. 

A costly and secretive response

The government’s reaction to data breach has raised concerns: 

  • A super-injunction kept the story under wraps for years. 
  • A secret resettlement programme was set up, costing £400 million so far, with a projected total cost of £850 million. 
  • Despite these efforts, 600 Afghan soldiers and 1,800 family members remain in Afghanistan, according to MoD figures. 

Accountability, or lack of it

When sensitive data falls into the wrong hands, the damage can’t always be undone. And when the government chooses secrecy over transparency, the fallout is even harder to repair. 

A security committee has launched an inquiry into Afghan data leak and the MoD has issued an apology and sent guidance to those affected, urging them to “exercise caution”. However, no compensation has been offered to victims, and the MoD says it will “robustly defend” any legal action. 

We are monitoring the situation closely. Register your interest and we’ll keep you updated if one of our regulated UK partner law firms is able to take this claim forward.

Find out more

Join the Claim connects consumers with SRA-regulated lawyers. Visit the claim page to check your eligibility if a claim is open with one of our trusted legal partners. If a group action has not yet been launched, you can register your interest and we’ll keep you informed if a partner firm decides to take a claim forward.  

This information is for general guidance only and does not constitute legal or financial advice.

You may also like:

  • Environment, News, Vehicle

Can BMW drivers claim compensation for the diesel emissions scandal?

BMW faces legal action over emissions-cheating software. Learn what the scandal involves, who is affected, and what it means for UK diesel car owners.
  • Data Breach, Financial, News

Capita data breach: Legal response & ongoing investigations

Capita’s data breach exposed pension holders’ personal data. Stay updated on the latest legal action, investigations, and regulatory responses.
  • News, Vehicle

Jaguar Land Rover DPF claims vs. dieselgate: What you need to know

Confused about Jaguar Land Rover DPF claims vs. Dieselgate? Learn the key differences, legal actions, and how to check if you qualify for compensation.

Latest news & insights

phone online fraud targeting mobile users
Worried about phone fraud? Here’s how to spot the warning signs
Phone fraud is becoming harder to spot. Learn the warning signs of scam apps, APP fraud, subscription traps and fake investment platforms in our latest guide.
British Gas SMETS 1 smart energy monitor.
Could you get compensation from British Gas over forced prepayment meters?
Thousands of British Gas customers could receive compensation or debt relief. Here’s what you need to know.
Diverse team of two business people working talking using smart phone walking in corporate office
New guide: everything you need to know about joining a group action claim
Unsure how group litigation works in the UK? Our new guide explains what to expect before joining a group action claim.
Digital Business and Technology concept, Virtual screen showing DATA BREACH.
UK data breaches surge in 2026
Data breaches in the UK have hit 33.2 million, with 4.4 million in just the first quarter of 2026. Here’s what’s driving the surge and what it means for your data.
solutions that serve the optimization and economical use of water.
ICO fines South Staffordshire Water after hackers hid inside systems for almost two years
The ICO has fined South Staffordshire Water £963,900 after hackers remained inside its systems for almost two years, exposing sensitive customer and employee data.
A diverse group of five students happily walk through a university hallway
Canvas data breach explained: what UK students need to know
The major Canvas cyberattack has affected universities around the world, including in the UK. Here’s what students need to know.
Telus logo or sign on a modern building. Telus is a tele-communications company
TELUS Digital breach explained: what we know about the alleged cyberattack
TELUS Digital has confirmed a cybersecurity incident after hackers claimed to have stolen nearly 1 petabyte of data.
Amazon fire tv stick remote in hand with selective focus tv background.
Amazon Fire TV Stick lawsuit: why “bricking” claims matter
Amazon is facing a US lawsuit over claims it “bricked” older Fire TV Sticks. Here’s what’s being alleged and why it matters.
Person holding phone with Microsoft OneDrive is a file hosting service that allows users to sync files.
Microsoft cloud licence claim: what it means for UK businesses
A £2.1bn UK claim against Microsoft over cloud licensing has been allowed to proceed.
concept of using Passkey instead of a code set for maximum security Biometric Lock
Passkeys explained: why the UK is being told to move beyond passwords
The UK’s cyber security agency says passwords are no longer enough. Here’s why passkeys are being pushed as the safer alternative.
photovoltaic solar park renewable energy wind generators blue sky background
Ofgem reforms: what stronger energy consumer protections mean for you
The government is strengthening Ofgem’s powers to protect energy consumers. Here’s what’s changing and what it could mean for households.
Smartphone on surface showing Canva logo.
Canva data leak: what the alleged breach could mean for users
An alleged dataset linked to Canva has surfaced online, containing 900,000 user records. Here’s what’s been reported.
the logo of the brand "Rituals". Rituals is a company for Cosmetics.
Rituals data breach: what it means for UK customers
Rituals has confirmed a data breach affecting customer data across Europe and the UK. 
women travelers,waiting at train station journey,with luggage and large backpacks
Interrail data breach: why some travellers are being told to replace passports
Over 300,000 Interrail travellers had personal data exposed in a cyber incident. Some are now being advised to replace passports.
technician of health with blood tubes in the clinical lab for analytical / hand of doctor holding blood sample in tube test for analysis in laboratory
Nearly 200 Biobank data incidents raise concern as more private health records found online
UK Biobank data has reportedly been leaked nearly 200 times in a year. Here’s what it means for participants.
View all news

Did you know we have a newsletter?

Sign up for our newsletter to stay up to date.

We connect consumers with their legal dream teams to ensure they get the compensation and support they deserve.

claims
About
Legal
Connect

Join the Claim is not a law firm. We connect individuals with top law firms for group action claims, and our service is free to use. While we may receive a fee from the law firms we introduce you to, this will not affect your costs or compensation. We are not responsible for the advice or services provided by these firms. Please note, nothing on this website is legal advice, and while we check claim eligibility, we cannot guarantee a law firm will accept a case.

Join the Claim is a trading name of Join the Claim Limited, authorised and regulated by the Financial Conduct Authority (FRN: 1053404). Registered in England and Wales, Company No: 16245278. Registered office: 32 Eyre Street, Sheffield, S1 4QZ.

© Join the Claim All Rights Reserved |

2026
Go to claims