Growing data security incidents on the battlefield will continue to wreak havoc and generate multi-million dollars in GDPR fines without WAN Acceleration, according to this article from Defence24 Magazine.
October 31, 2025
A failure to take data protection seriously could cost lives. That includes those of people who’ve worked for Allied forces in Afghanistan, and in other theatres of conflict. In August 2025, The Guardian revealed that a cyber-attack on a contractor linked to the UK’s Ministry of Defence (MoD) „exposed the personal data of up to 3,700 people, including Afghans seeking refuge as part of the Afghan Relocations and Assistance Policy (ARAP),” according to multimedia journalist Faisal Ali.
His article, “Cyber-attack on MoD-linked contractor exposes data of Afghans in resettlement scheme”, published on 16th August, talks about it as being one of a series of serious data breaches involving private information of Afghan refugees – who’d worked for British and Allied forces during the conflict in Afghanistan.
Inflite The Jet Centre, the company hit by the attack, provides ground support services for flights linked to the MoD and to the Cabinet Office. The individuals impacted by the breach flew into London Stansted airport between January and March 2024. The breach may also have leaked sensitive information about civil servants, soldiers on routine exercises, and journalists.
Google’s AI Overview explains: “The data breach at Inflite The Jet Centre occurred between January and March 2024, involving unauthorised access to company email accounts. The incident, which was publicly disclosed in August 2025, potentially exposed the personal data of approximately 3,700 individuals, including Afghan nationals, UK troops and civil servants, who were involved in UK resettlement efforts and military operations.”
Data security incident
Inflite confirmed the breach on its website: „We can confirm that Inflite The Jet Centre Limited recently experienced a data security incident involving unauthorised access to a limited number of company emails.”
“We have reported the incident to the Information Commissioner’s Office (ICO) and have been actively working with the relevant UK cyber authorities, including the National Crime Agency (NCA) and the National Cyber Security Centre (NCSC), to support our investigation and response.”
“We believe the scope of the incident was limited to email accounts only; however, as a precautionary measure, we have contacted our key stakeholders whose data may have been affected.” However, it wasn’t immediately clear who conducted the cyber-attack.
Despite this, the parties involved claimed that there was no threat to individuals’ safety – although, with regard to previous and similar data breaches, such a claim as this has been politically contested.
Superinjunction imposed
Another incident in February 2022, caused by a defence official, disclosed the personal data of 18,714 Afghans who may have worked with British forces. To try to protect the Afghans affected by the breach, in 2023 the UK’s High Court granted the then Conservative government a superinjunction. This involved an Excel worksheet containing the private information of Afghans involved in ARAP, which was accidentally emailed outside of official government systems, says the MoD.
270,000 payroll records exposed
The MoD perhaps needs to improve its immunity to data breaches. Barings Law says the MoD suffered one when 270,000 payroll records of members of Britain’s armed forces were exposed to hackers. This occurred in May 2024. The data the hackers accessed contained names, bank details, and the National Insurance numbers of some current and former members of the British Army, Royal Navy, Royal Air Force, and reservists.
“Those whose home addresses have been identified as part of the hack are being notified as a priority,” says Jessica Howkins in her article, »Ministry of Defence Data Breach: What Happened?« for the law firm.
She adds: “The Information Commissioner’s Office (ICO) will focus its investigation on what prevention measures the organisation had in place. The less compliant an organisation has been, the higher the risk of being fined and suffering reputational damage.”
“Regardless of the outcome of the ICO’s investigation, GDPR gives those affected the right to claim compensation as a result of the organisation breaking data protection law. This includes both „material damage” (financial loss) and „non-material damage” (e.g. any distress they may have suffered).”
The cost of a data breach
Google AI’s Overview reveals the potential cost of a data breach in the United Kingdom: „In the UK, GDPR breach fines have a two-tier maximum: £8.7 million or 2% of annual turnover, and £17.5 million or 4% of annual turnover, whichever is higher in each case. The Information Commissioner’s Office (ICO) applies these fines on a case-by-case basis after considering factors like the infringement’s nature, duration, and intent. Other actions, such as enforcement notices, are also possible instead of or in addition to a fine.”
As for the Afghan data breach of February 2022, the National Audit Office admits that the MoD doesn’t know its actual cost. However, there is an estimate of £850 million. Refugee Legal Support cited the BBC on 21st August 2025, which reported that „the Ministry of Defence has admitted that there have been 49 separate data breaches in the past four years.”
The Royal United Services Institute cited an article in August 2025 that had featured in The Times, which says that the government is now looking to artificial intelligence to prevent data breaches.
Preventing accidental distribution
To stop sensitive information and material from being distributed, AI security tags will be used. According to Freevacy, Castlepoint’s chief executive, Rachael Greaves, says such tags can “prevent files from being emailed or printed, reducing the risk of mistakes.”
RUSI’s website also highlights the following quote: “Hiring an AI company with credentials from other Five Eyes partners sends a signal to the public and partners that the MoD is taking enhanced data security seriously.” The article features the Institute’s Research Fellow in cyber, technology and national security, Dr Pia Hüsch.
Differing responses
However, not all breaches are the same, and so they require a different response. For example, with there being growing data volumes in the cloud, data needs to be protected by being backed up in at least 3 places that are situated outside of each other’s circles of disruption. Hackers are increasingly after organisations’ backups, making this and the deployment of air-gaps essential to prevent them from being accessed and exploited.
Fast backups with WAN Acceleration can also ensure that the data doesn’t fall into the wrong hands while in flight. It also ensures that an organisation can restore data – including encrypted data, very quickly in ways that WAN Optimisation and unaccelerated SD-WANs can’t do whenever an organisation needs to maintain service continuity after a data breach.
That doesn’t mean that WAN Optimisations and SD-WANs aren’t great technologies. They are. However, organisations such as the MoD would benefit significantly more from WAN Acceleration, which achieves data transfer speeds of up to 200x faster than traditional WAN Optimisation technologies, and the performance of SD-WANs is significantly improved when they include an SD-WAN overlay.
WAN Acceleration uses artificial intelligence, machine learning and data parallelisation to mitigate the effects of latency, improving bandwidth utilisation by 98%. Organisations that are benefiting from this technology include the National Institutes of Health (NIH) and CVS Healthcare. It also has great potential in the defence and national security markets.
While the MoD needs to consider the findings of the ICO and put more stringent processes in place, it would also benefit from WAN Acceleration. With this technology, it could also secure its data, back up and restore it more rapidly. After all, AI security tags can’t achieve everything that’s needed to protect increasingly large volumes of highly sensitive data. Data breaches could dangerously leave data falling into the wrong hands and potentially put lives at risk.
