Description: The Government Legal Department launched an investigation after it suffereda data leak in which the names of civil servants claiming expenses was published online. Documents showing officials' names were published on GOV.UK accidentally. It also contained the credit-card spend at the department of more than £500 between November 2021 and May 2022.

Description: The UK's Ministry of Defence (MoD) was once more at the center of a security breach that resulted in the online exposure of classified weapon information. Due to an error in the blacking out of certain portions of a document put online in April 2011, the MoD briefly disclosed secret information regarding nuclear submarines on its website. A quick cut-and-paste operation made it possible to read the large parts that dealt with the flaws in modern submarines that were blacked out.

Description: Organized crime has extracted £47 million from the UK government in a phishing operation. The operation involved mimicking taxpayer credentials and claiming payments from HMRC. No data from taxpayers was taken, but the incident has affected 100,000 Pay-As-You-Earn (PAYE) accounts. Authorities have begun a criminal investigation, and arrests have been made. The £47 million was taken through three separate payments, and HMRC was able to protect £1.9 million that was sought by the entities behind the operation.

Description: A major data breach occurred in February 2022 when a member of the armed forces inadvertently shared a spreadsheet containing the names of thousands of Afghans who were in danger from the Taliban and had applied for sanctuary in Britain. The leak put the lives of up to 100,000 Afghans at risk and prompted a top secret resettlement scheme projected to cost billions. The official responsible for the leak is still employed by the government, and the incident was kept under wraps for nearly two years due to a superinjunction.

Description: A massive personal data leak in February 2022 involving the UK’s Ministry of Defence (MoD) resulted in the exposure of personal information of nearly 19,000 Afghan nationals who had applied for the Afghan relocations and assistance policy (ARAP). The breach occurred when a defence official mistakenly emailed a spreadsheet containing the names and personal details of the applicants outside of official government systems. The leak has endangered the lives of the individuals and their families, as the Taliban, now in power, is known to hunt down those who supported the US-led coalition. The breach was discovered more than a year later when excerpts of the dataset were anonymously posted to a Facebook group. A small number of people named on the list are known to have been subsequently killed, although it is unclear if this was a direct result of the data breach.

Description: The Afghan data breach has exposed the names and details of MI6 officers and members of the Special Air Service (SAS) and Special Boat Service (SBS). This leak is considered one of the worst in UK government history, potentially endangering the lives of those involved in covert operations. The greatest risk is to Afghans still in Afghanistan, with around 100 British operatives also affected. The breach was discovered in August 2023, providing nearly two years to implement protective measures.

Description: In February 2022, a data breach occurred when someone at UK Special Forces headquarters inadvertently emailed over 30,000 resettlement applications to an individual outside of government. This breach compromised the identities of more than 100 British officials, including members of special forces and MI6, and put thousands of Afghans at risk of retribution from the Taliban. The government discovered the breach in August 2023, leading to the covert setup of the Afghanistan Response Route (ARR) resettlement scheme, which has allowed 4,500 Afghans and family members to move to the UK at an estimated cost of £850m.

Description: The Ministry of Defence (MoD) experienced a significant data breach where the names and details of more than 19,000 people were leaked. This breach occurred when an unnamed official emailed a spreadsheet outside the government team processing Afghan relocation applications, leading to the data entering the public domain. The leak was discovered in August 2023 when names of individuals who applied to move to the UK appeared on Facebook. Many Afghans now fear retribution from the Taliban, and the MoD has stated it will not provide compensation or proactively give payouts to those affected. The breach has led to significant distress and worries for the affected families, who are seeking relocation to safer countries.

Description: The website of the National Crime Agency was targeted by the Lizard Squad hackers which left the site inaccessible for some time. The websites or servers are flooded with requests for data and were attacked with a distributed denial of service (DDoS) attack. The attack disturbed the normal functioning of NCA.

Description: The government websites and the websites used by the FBI in the UK were targeted by a group of teenage hackers in a cyber attack. They also targeted the heavily used” Home Office website which provides information about various subjects including passports and immigration back in 2013. All the members of the group were identified in the investigation and then were charged with various charges.

Description: The Department for Environment, Food & Rural Affairs (DEFRA) website in the U.K. fell victim to a redirect attack in which the cybercriminals used an open redirect to send visitors to fake OnlyFans pages. Threat actors exploited an open redirect that appeared to be a valid UK government URL but instead routed visitors to the bogus OnlyFans dating site. The website widely used services that offer users access to adult content for a subscription so they could steal users’ personal information.