My Lords, I thank the noble Lord, Lord Coaker, and the noble Baroness, Lady Smith of Newnham, for the points which they raise and for their ongoing support, and that of their Benches in this House, for the Armed Forces. Our people are our strongest asset and the department is committed to taking appropriate action to investigate this matter thoroughly, in terms of both the contractor and the malign actor, and to ensuring that this does not happen again.

Since yesterday, I can confirm that 100% of the backlog of travel and expenses claims held up by the data compromise have now been paid and I can give assurance, on the advice of departmental officials, that the May pay run will be unaffected. I can also confirm, further to the Statement, that public guidance for affected personnel is now live. This can be found on the GOV.UK website by searching for “pay network compromise”.

On the issue of the contractor, as the Defence Secretary confirmed in the other place, a full security review of the contractor’s operations is under way and appropriate steps will be taken if it is found to have been negligent or in dereliction of its duties under contract. This is being co-ordinated with cross-government partners as the contractor, as the noble Lord and the noble Baroness indicated, does not work solely for defence. The contractor, SSCL, holds 12 contracts across nine government departments. The incident in question, however, is isolated to defence and there is currently no evidence of any risk to any other government services provided by the company.

As the Defence Secretary stated yesterday on several occasions, it is true to say that a malign actor is involved and it is possible that it is attached to a country, or a group based in a country. But I would ask that we refrain from turning media speculation into fact before the investigation has had a chance to conclude its important work. The Ministry of Defence is not trying to avoid giving the House this information; we need to be certain before we are able to do so. The Defence Secretary committed in the other place to return when he has further information which can be disclosed, if it is in our country’s interests to do so.

On the subject of Border Force e-gates, my information is that this was a network system failure and not in any way connected to this data breach. The noble Baroness, Lady Smith, raised ongoing cybersecurity. As I hope the Statement and my follow-up remarks attest to, this is something we take incredibly seriously. On a personal level, cybersecurity threats involving bribery, fraud and corruption are all part of our ongoing soldier training, which has to be done individually and is renewed each year.

The noble Lord asked how many personnel may be affected. I am afraid I can add no further clarity, except to say that we believe that approximately 272,000 personnel may have been affected. Investigations continue to refine this number. We monitor all defence contracts and, as I say, this is an ongoing investigation. I would not want to say anything which could impede it in any way.