British government quietly relocated 16,000 Afghans after a massive MOD data breach exposed identities
The British government covertly relocated thousands of Afghans to the UK following a catastrophic Ministry of Defence data leak, it has now been revealed, after a superinjunction preventing media coverage was lifted.
The leak, one of the most serious in modern British security history, occurred in early 2022 and led to sensitive information being published on Facebook in 2023. The spreadsheet mistakenly emailed externally contained names, contact details, and affiliations of Afghans who had worked with UK forces and applied for relocation following the Taliban’s return to power.
Fearing Taliban reprisals, the then-Conservative government initiated a secret relocation programme involving thousands of at-risk individuals, which is estimated to have cost around £2 billion. British Defence Secretary John Healey formally apologised in Parliament, acknowledging the danger caused by the breach and the distress it inflicted.
“This serious data incident should never have happened,” Healey told MPs. “It may have occurred under the previous government, but to all whose data was compromised, I offer a sincere apology.”
According to official figures, about 4,500 Afghans and their family members have been moved to the UK or are en route as part of this previously undisclosed scheme. However, the government has now drawn a line under the response, stating that no further asylum offers would be extended in relation to the breach.
A government-commissioned review, published alongside Healey’s statement, claimed that there was “limited evidence” the Taliban intended to seek retribution against those exposed in the leak. Yet, campaigners and legal experts dismissed the review as insufficient given the life-threatening nature of the error.
The report also revealed that more than 16,000 people affected by the leak had been relocated to the UK by May 2025, though many were moved under existing Afghan assistance programmes.
The revelation comes at a politically sensitive time. With public finances stretched and Reform UK surging in the polls on an anti-immigration platform, the exposure of this covert scheme could fuel political backlash.
Adding to the controversy, the government now faces potential lawsuits from Afghans affected by the leak. Lawyer Sean Humber, from Leigh Day, said his firm expects “strong claims for substantial compensation” over the “anxiety and distress” caused by the breach.
The original injunction was secured in 2023 by the Ministry of Defence under the Conservatives, who argued that making the breach public would put lives in even greater danger — a case accepted by the courts at the time.
Healey’s announcement marks the first public acknowledgement of the breach’s scale and consequences, as well as the secretive state response that followed.
British troops had been stationed in Afghanistan from 2001 until 2014, playing a central role in combat operations. Many Afghans — interpreters, drivers, fixers — worked alongside UK forces, making them prime targets after the Taliban’s 2021 resurgence.
The data breach, involving email mishandling of a relocation applicant spreadsheet, included references from British MPs and senior military officers, further raising the stakes.
Now under Keir Starmer’s Labour government, the Ministry of Defence opted to review and lift the superinjunction, finally bringing the story to public light after three years of silence.
The government has yet to clarify the full cost of the scheme, though internal estimates put it at nearly £2 billion, with potential legal compensation likely to increase that figure.
As Britain grapples with its past involvement in Afghanistan, the fallout from this data disaster serves as a stark reminder of the human costs of bureaucratic error — and the enduring duty owed to those who risked everything to stand beside UK forces.
