Guidance

Advice for veterans on the Armed Forces pay network compromise

There has been a compromise to an Armed Forces payment network. This page provides guidance for the small number of veterans who may be affected.

The Defence Secretary has updated Parliament.

If you are currently a veteran who has not received any type of payment from the MOD after 1 January 2018, you are not affected by the compromise.

If the only payments you have received from the MOD after 1 January 2018 relate to a regular Armed Forces Pension Scheme payment, a regular War Pension Scheme payment or a regular Armed Forces Compensation Scheme Guaranteed Income Payment, you are not affected as these payments are made via a separate system.

Defence takes its responsibility for veterans data very seriously. While we do not currently have any proof that data has been compromised, we must be prudent and assume that it may have been.

We are writing to all veterans who left from January 2018 onwards, and who are in receipt of a payment from the affected payment system. It is possible that these veterans may be affected by this potential compromise and we assume that they may have been.

To provide additional protection, MOD has purchased licences with a market-leading personal data protection service. Veterans who receive a letter informing them that they may be impacted will be able to access the service on a device of their choice. This will help the assurance, safety and security of data. The system will provide early warning and alerts detailing any unauthorised use or exploitation of your personnel data, on the internet or dark web.

This incident potentially impacts the personal data of current regular and reservist personnel and a small number of veterans. The data includes names and bank details, and for a small proportion of individuals, addresses. Address data may be place of work, administration address, or home address. Those whose home address is identified are in the process of being written to. 

We have taken immediate remedial action, taking the network offline to minimise risk. Initial investigations have found no evidence that any data has been removed from the network, but we will continue to investigate, working closely with other agencies. We have also launched a full review, drawing on specialist external and Cabinet Office support and expertise. We are also investigating potential failings by the contractor.

If you have received a letter from the Ministry of Defence about this, you can contact us via a dedicated phone line: 01249 596665 or e-mail DBS-Informationline@mod.gov.uk. When making contact please ensure you are able to provide your service number or national insurance number for identification purposes.

If you notice or have been advised that your details are unexpectedly online do not attempt to edit or delete the data or contact the website owner. Do not engage with anyone who claims to be you.

Helpful resources

The following resources may also be helpful: 

The Think Before You Link app can be downloaded to your personal devices.  The app provides tutorials on the importance of and how to manage your digital footprint, as well as guidance on how to recognise a potentially malicious approach online. 

Identity fraud

There is no requirement for you to do anything immediately, but you could consider a review of cyber best practice; for example, reviewing your personal social media privacy settings. You may also consider opting out of the open electoral register - www.ico.org.uk/for-the-public/electoral-register

If you become aware of any unexpected activity, it may be sensible to change associated passwords or speak to your bank.

Data security protection service

We have obtained an operating licence for a world-class data security protection service. For the non-serving community, an update will be provided on 01249 596665 or via an e-mail sent to DBS-Informationline@mod.gov.uk.

These services do not interact with the credit scoring system or report to the credit bureaus. There is no direct impact on your credit score from activating this service.

Further advice

At the moment we have no indication that this data has been exploited, but it is a good idea to remain vigilant and review your bank statements for unauthorised payments.

While you are probably already doing this, the following six signs are worth looking out for:

  1. Watch for any unauthorised activity: Always know what transactions are expected. Even the smallest unauthorised transfer can be a warning sign.
  2. Don’t ignore notifications: If you get an email saying your account details have changed and you didn’t change them, your account may be compromised.
  3. Beware of bogus calls: If someone phones and claims to be from your payment provider, insist on calling them back on the company’s public phone number.
  4. Don’t trust the text: If you suddenly start getting messages or calls from a mobile number that your provider doesn’t normally use - be very suspicious.
  5. Check every email: If an email or other online communication doesn’t look genuine, don’t reply to it without checking with your provider.
  6. Look out for bogus links: If you see strange activity on your account, check to see if you’ve recently clicked on any retrospectively suspicious links.

Banks routinely monitor your account and report unusual activity.  Most banks also use two-factor authentication. You are encouraged to use these techniques if available. It is likely that your bank will be in touch with you if they detect anything suspicious with your account.

Frequently asked questions

Network compromise frequently asked questions (MS Word Document, 45.3 KB)

Updates to this page

Published 10 May 2024

Sign up for emails or print this page