Britain left behind sensitive technology that helped the Taliban track Afghans working with Western forces, a whistleblower has told the Afghan leaks investigation.
The woman, known only as Person A, said Afghans affected by the data leak were told to move homes and change their phone numbers to protect themselves from the Taliban because it had the resources to track them.
MPs are investigating the Conservative government’s handling of the devastating leak of personal details of nearly 19,000 Afghans who asked to come to Britain to flee the Taliban.
A spreadsheet containing their personal data, including names, contact details and in some cases family information, was accidentally leaked by an officer working at the UK Special Forces Headquarters in February 2022.
This leak came to light in August 2023, when the names of nine people who had applied to go to the UK surfaced on Facebook. Person A, an independent volunteer caseworker who was working with the targeted Afghans, was alerted to this and notified the Ministry of Defense.
“There seems to be a misconception that the Taliban don’t have the same facilities that we have,” he told MPs on the Defense Select Committee at a private hearing on 18 November.
“We left it all in Afghanistan; they have it. If they have your phone number, they can track you to within a few meters. That’s what the (redacted) unit did.”
Asked by Jesse Norman, Conservative MP for Hereford and South Herefordshire, whether the Taliban had the necessary encryption and de-encryption technologies, Person A said: “They’ve got everything.”
Norman was asked to clarify whether “we left sensitive material and kit for them which they were using against us?” He replied: “Yes.”
Preliminary research presented to the inquiry last month estimated that at least 49 family members and colleagues of Afghans affected by the leak were killed.
An ordinance regarding the leak was implemented in August 2023 and barred any information about it from being made public until July 2025.
Person A told MPs he was given the injunction without any legal advice during a team call with the government on 18 September 2023.
He alerted the then Conservative Armed Forces Minister James Heppey and his Labor counterpart Luke Pollard about the leak by email on 13 August 2023. He didn’t hear back from Happy until August 28, 2023, when he tagged him in a post on X.
After newsletter promotion
Because she was restricted by the injunction, Person A and the NGO she was working with told the Afghan families they were working with that they were “concerned that someone’s phone may have been compromised”.
“We recommended that they leave if possible and change their phone numbers. These were the two main details that could have been traced if the Taliban had access to this information,” he said.
Person A argued that Paul Rimmer, a retired civil servant who reviewed the breach, was wrong to conclude that the acquisition of the dataset by the Taliban was “unlikely to substantially change an individual’s existing risk given the amount of data already available”, and that it was also unlikely that “merely having access to the dataset would be grounds for targeting”.
He said, “The thing to remember is that these Afghans are not standing up to the Taliban; they are in hiding. Everything depends on their previous employment. They don’t just target the main applicant; they target families.”
“We have people who have been killed by electric shock. We have people who have drowned in water. We have people who have been killed by large outdoor electrical wires that are around the thickness of your fist… We have four-year-old children who have broken their arms trying to tell their family where someone is.”
<a href