A major UK visa processing platform has reportedly exposed sensitive personal data of thousands of applicants, including passport details and facial images, raising serious concerns aboutdigital security and government-linked infrastructure.
AccordingtoTechCrunch, the issue involves a visa portal that inadvertently made applicants' private documents publicly accessible online, with evidence suggesting the leak included passports and 'selfie-style' identity images used for verification purposes.
The report adds that the vulnerability remained unaddressed for a significant period, despite awareness of the exposure, intensifying concerns over how such sensitive immigration data is handled.
The exposed information reportedly included highly sensitive identity documents submitted by visa applicants as part of standard immigration verification procedures.
This includes passport scans and facial photographs intended for biometric confirmation, data typically subject to strict privacy protections under UK and international data protection regulations.
TechCrunch reports that the exposed files were accessible without proper authentication, meaning that individuals with the correct link or system access could potentially view confidential records belonging to other applicants.
While the full scale of the breach has not been independently verified by UK authorities at the time of reporting, the nature of the exposed data has triggered alarm amongprivacy advocates.
The incident has reignited scrutiny over the security standards ofdigital immigration and visa processing systems, particularly those handling large volumes of personal data.
Experts in cybersecurity note that systems handling passport and biometric data are typically expected to adhere to strict encryption, authentication, and access control protocols.
Any failure in these safeguards can lead to exposure of highly sensitive, difficult-to-replace data, including passport numbers and identity imagery.
Source: International Business Times UK
