UK MoD creates an email data breach with CC emails


United Kingdom’s Ministry of Defense(MoD) has created data breach early this month exposing contact details of over 250 Afghan interpreters who are hiding in Afghanistan or have moved to other countries through different means, because of the Taliban’s takeover of entire Afghanistan in August this year from the forces of America and UK.

The email blunder occurred because of an irresponsible behavior of an employee serving UK’s Afghan Relocations and Assistance Policy(ARAP) team.

What happened is that the employee created a blunder of Carbon Copying an email to several email addresses exposing their email address, names, and linked in profile images to all those who received the mail. And security analysts say that such blunders can push the interpreters into life-threatening situations.

Britain’s MoD immediately investigated the incident and launched suspended the official for showing carelessness while performing the duty

Cybersecurity Insiders have learnt that the matter did not end here. As a second data breach occurred at the end of last week, leaking details of Afghan nationals eligible to relocate to UK. It was revealed in a report published by BBC and the reporter tagged the news as a pretty serious matter that could lead to severe troubles in future as the content in the email said that the embassy could not contact them and so wanted them to update their details.

So, to those who are new to email etiquette, here’s a thumb rule to follow. When you email and would like to add a long list of recipients, add their contacts with BCC email feature as it keeps the receivers details anonymous in the email. A CC feature in the email composes when the contacts are happy to have their email addresses shared and seen by everyone.

Hope, those reading this article and are unaware of this basic email sending etiquette are now aware of the difference between a ‘CC’ email and ‘BCC’ email is.

Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display