Security News > 2021 > September > UK Ministry of Defence apologises after Afghan interpreters' personal data exposed in email blunder

UK Ministry of Defence apologises after Afghan interpreters' personal data exposed in email blunder
2021-09-21 11:30

The UK's Ministry of Defence has launched an internal investigation after committing the classic CC-instead-of-BCC email error - but with the names and contact details of Afghan interpreters trapped in the Taliban-controlled nation.

The horrendous data breach took place yesterday, with Defence Secretary Ben Wallace promising an immediate investigation, according to the BBC. Included in the breach were profile pictures associated with some email accounts, according to the state-owned broadcaster.

The email was reportedly sent by the British government's Afghan Relocations and Assistance Policy unit, urging the interpreters not to put themselves or their families at risk.

Most email blunders come with less lethal consequences.

A misconfigured NHS mailserver caused real problems in 2016 when the health service's entire email network ground to a halt following a spate of irate reply-all missives, while BT Security managed something superficially similar to the MoD cockup by CC'ing instead of BCC'ing 150 security bods pondering taking a job with the one-time state-owned monopoly.

The human error-induced problem is as old as email itself and is arguably inherent in the design of most mail clients used by loose fingered users.


News URL

https://go.theregister.com/feed/www.theregister.com/2021/09/21/mod_email_fail_afghan_interpreters_data/