Cyber Incident Victim: Inflite The Jet Centre
Date:
Oct 2025
Location:
United Kingdom
Summary
Inflite The Jet Centre, a subcontractor providing ground-handling services at London Stansted airport, experienced a cyber-security incident in which unauthorized access to email accounts exposed personal data of up to 3,700 Afghans resettled in the UK under the Afghan Relocations and Assistance Policy scheme, including names, passport details and Arap reference numbers. The affected individuals also include British military personnel and former government ministers. A prior breach had exposed the details of nearly 19,000 people who had applied to come to the UK under the same scheme. The government said the incident posed no threat to individuals’ safety and did not compromise any government systems, and there is currently no evidence that any data has been released publicly. Inflite reported the incident to the Information Commissioner's Office.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
Inflite The Jet Centre, which provides ground‑handling services for flights at London Stansted airport, experienced a cyber‑security incident that involved unauthorised access to a small number of its email accounts. The incident was reported to the Information Commissioner’s Office, which confirmed receipt of the report from Inflite. Inflite stated that it believes the scope of the incident was limited to email accounts only. The breach potentially exposed the personal data of up to 3,700 Afghans who had been resettled in the United Kingdom between January and March 2024.
The exposed information includes names, dates of birth, passport numbers and Afghan Relocations and Assistance Policy (Arap) reference numbers. In addition to Afghan nationals, the data also pertains to British military personnel and former Conservative government ministers. The Afghan resettlement team sent an email on Friday afternoon warning affected families that their personal information may have been exposed. A government spokesperson said the incident has not posed any threat to individuals’ safety, nor compromised any government systems, and that there is currently no evidence to suggest that any data has been released publicly.
The son of a member of the Afghan ‘Triples’ elite special forces, who had applied to the Arap scheme after the Taliban returned to power in August 2021, told the BBC that his family would not survive if they were returned to Afghanistan after their personal details were leaked, and he was subsequently deported back to Afghanistan following the interview. The incident follows a February 2022 episode in which the personal data of nearly 19,000 Afghans who had applied to move to the UK under the Arap scheme was mistakenly leaked by a British official, a breach that was first made public in July. Officials including former UK national security adviser Sir Mark Lyall Grant, former Chancellor Kwasi Kwarteng and Liberal Democrat Defence Spokesperson Helen Maguire described the breaches as deeply embarrassing, very serious and a sign of staggering incompetence, calling for an immediate, fully independent investigation. The Ministry of Defence responded by stating that it is honouring its commitments to all eligible individuals who pass the relevant relocation checks, noting that anyone coming to the UK must pass strict security and entry checks before being able to relocate.