A new study that looked at 231 people exposed by a 2022 UK data leak of Afghans seeking resettlement after the Taliban takeover found that 49 had friends or colleagues killed in Afghanistan.
The UK Afghan data leak report, by the charity Refugee Legal Support in consultation with two academics, looked at the damage done by the Ministry of Defence (MoD) data leak of 18,000 people who had applied for asylum. The report was submitted to a House of Commons Defence Committee inquiry into the data breach.
UK Afghan Data Leak Exposed 87% to Risk and Threats
The survey focused on 231 respondents who said they had been told directly by the Ministry of Defence that their data had been exposed in the leak, which was the result of an inadvertent emailing of a spreadsheet by a soldier.
Of the 231 affected Afghans, 200, or 87%, “reported personal risks and/or threats to family members,” the report said, and 207 (89%) “reported impacts on their own physical and/or mental health and the same number (207) reported negative impacts on their family’s physical and/or mental health.”
Some of the responses detailed in the report are harrowing. One respondent said, “My father was brutally beaten to the point that his toenails were forcibly removed, and my parents remain under constant and serious threat. My family and I continue to face intimidation, repeated house searches, and ongoing danger to our safety.”
“I live under constant fear for my life and the safety of my family due to repeated raids, threats from the Taliban and local intelligence groups, and the risk of forced marriage for my daughter,” said another respondent. “The ongoing stress, anxiety, and fear for my family’s well-being have severely impacted my emotional and physical well-being.”
One respondent who had relocated to the UK said fears from the breach remain a constant torment for family members who remain in Afghanistan. “Whether it’s legal advice, mental health resources, or help accelerating family reunification, anything that can ease this burden would mean the world to me,” the person said.
UK Advice Deemed Inadequate
The report also found that the advice given to the affected Afghans in the wake of the breach was largely inadequate.
The report described “a profound mismatch between the MoD’s security advice” – which focused on things like restricting use of social media accounts and advising the use of VPNS – “and the severity of reported risks and threats, which included direct threats, violence, and displacement.”
One respondent said, “The security advice provided by the Ministry of Defence was very general and limited. They only advised me not to answer calls from unknown numbers and to secure my emails. These instructions were insufficient given the serious threats and risks I faced, including my house being searched, my brothers being summoned by intelligence services, and direct threats to our lives. Such general advice did not provide any practical help to protect my situation.”
The report also found “no evidence that the Ministry of Defence offered local risk management or follow-up with individuals outside of the UK” who were affected by the data breach and were not offered resettlement.
The report called for expedited review of remaining resettlement cases, including affected family members.
“As both the quantitative and qualitative data from our survey shows, the data breach has had devastating consequences for many individuals and families,” the Refugee Legal Support report said. “The UK Government must act decisively to protect those affected, restore trust, and ensure that such a failure never happens again; or that if it does, those placed at risk will not also be left alone in the dark.”
