MoD logs 45 security breaches a day as ‘terror-target’ devices and IDs go missing

More than 40 suspected security breaches are being reported to the Ministry of defense every day, Metro can reveal.

Close to 19,000 incidents that could have compromised British defense assets were flagged to officials from January 2025 to February 2026.

This included thousands of reports of lost hardware, such as phones and laptops, as well as assets classed as attractive to terrorists.

defense personnel also raised questions over dozens of occasions where people were left unaccompanied on site, and more than 20 suspected undeclared relationships with nationals from restricted countries.

Metro’s findings have prompted calls from senior politicians and experts for the Ministry of defense (MoD) to fix a ‘complacent’ culture around security.

Data obtained by this newspaper has revealed that almost 19,000 security incidents were reported through the MoD’s Security Incident Reporting Form (SIRF) in 2025 and the first two months of 2026 – an average of 45 a day.

A security incident is defined as any event that compromises or has the potential to compromise defense assets, including personnel, information or infrastructure.

The figures revealed that sensitive items, such as laptops, phones and USBs, were being reported lost three times a day on average, a total of more than 1600 SIRF forms over the 14 months.

There were also over 200 reports of device thefts and more than 200 SIRFs recording the loss of potentially sensitive paper documents and notes.

Of particular concern are the over 600 reported losses of assets classified as Attractive to Criminal and Terrorist Organisations (ACTO).

The MoD specifically warns that the loss of ACTO assets constitutes a threat to life or could support and enable a terrorist or criminal threat.

There were also 71 reported thefts of ACTO assets.

‘You just need to be so careful’

Professor Alan Woodward, a security expert, warned this data ‘smacks of complacency’.

He told Metro: ‘It never ceases to amaze me how we still lose laptops and bits of electronic equipment.

‘Even if this equipment is protected and encrypted, it is potentially still of interest because some information can still be retrieved. You just need to be so careful.’

The SIRF Forms also raise concerns about how security is approached on sensitive MoD sites.

Officials reported close to 150 occasions where there was a failure to escort visitors or personnel.

MoD chiefs were also informed of 22 undeclared relationships with restricted country nationals.

Prof Woodward said: ‘We are living in a more aggressive geopolitical environment. Overseas countries are going to take any opportunity they can to get more information on our military. 

‘You are told very very clearly [to declare relationships. In the modern world it is much easier to entrap people and to make them become targets.

‘The MoD has to keep relearning these lessons [on security]. They have to make sure that people have it in front of their minds.’

Sensitive MoD areas appeared to be exposed on a number of other occasions.

There were 400 reports of unauthorised physical access or attempts to gain unauthorised access, as well as almost 350 reports of suspicious drone activity.

The data has also placed more scrutiny on the number of personnel potentially breaking crucial MoD security policies.

Staff made more than 2,700 reports of security rules and procedures being breached.

These could have included bringing personal electronic devices into restricted areas, and a failure to secure material.

There were also more than 2,000 reports of unauthorised disclosures of information, including on social media and leaks to the press.

Warnings issued

The Chair of the defense Committee in the House of Commons warned that security breaches can cause things to ‘go catastrophically wrong’.

labor MP Tan Dhesi told Metro: ‘The Ministry of defense must do all it can to promote a culture that prioritises security, whether this be preventing breaches at bases, or ensuring that sensitive information does not fall into the wrong hands.

‘Importantly, it also means the MOD should encourage individuals to report security breaches when they do happen.

‘When things go wrong, they can go catastrophically wrong, and the Afghan data breach is a prime example of this.’

The largest number of reports – more than 5,000 – related to lost, stolen or misused ID cards.

Prof Woodward said ID cards falling out of the hands of personnel was still ‘a worry’ and could ‘pose a threat’.

He added: ‘It relies on people being diligent. Immediately when a loss is reported, access can be taken out of the system.’

Potential cyber breaches accounted for more than 700 SIRF Forms, but the MoD did not disclose further specific information about those reports.

The Ministry of defense did not reveal the reason for 2,000 of the most sensitive reports, including potential reports of insecure sites, corruption, reconnaissance and other concerns.

The MoD also stressed that the submission of a SIRF does not indicate that a genuine security breach has occurred.

Officials insisted that the existence of a SIRF should not be interpreted as confirmation of a validated threat or vulnerability, as all reported are first triaged to determine the risk.

Professor Angela Sasse, who studies human behavior in security systems, said her research has ‘continuously shown that many security policies cannot be followed in practice.’

The UCL lecturer added: ‘In some cases there may be malicious intent, ignorance or carelessness – but most people, most of the time, break the rules because they had to make a choice between getting an urgent task done, or following the rules.’

James Cartldige MP, Shadow defense Secretary, said: ‘These figures are a stark reminder that, in an increasingly dangerous world, security can never be taken for granted.

‘Our brave servicemen and women do an outstanding job protecting our country, but everyone across defense must remain vigilant and take responsibility for their own actions and those around them.

‘Our Armed Forces deserve strong leadership and unwavering support. Only the Conservatives, under new leadership, have a plan to back our Armed Forces and keep Britain secure.

A Ministry of defense spokesperson said: ‘We take all breaches of security very seriously and encourage use of Security Incident Reporting Forms.

‘All incidents are subjected to a security risk assessment, and we do not hesitate to take further action where necessary.’

Get in touch with our news team by emailing us at webnews@usnewsrank.com.

For more stories like this, check our news page.