UK Visa Portal website leaks thousands of user passport data and photos online
Date:
Wed, 27 May 2026 13:05:00 +0000
Description:
Passports, verification selfies and other supporting documents were stored in an unsecured cloud storage repository.
FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter Third-party UK Visa Portal website exposed 100,000 docs in an unsecured cloud repository Cybercriminals with access to the affected PII could conduct identity theft or fraud Victims advised to protect and monitor accounts, and await notification UK Visa Portal, a third-party website separate from the official government offering, has reportedly left thousands of highly sensitive documents exposed in a
major data leak.
Affected documents and details include passports, photos, verification
selfies and other application information, leaving victims widely open to identity theft and potential financial fraud. The issue happened as a result of documents being stored on an unsecured server without password protection, meaning anyone with a direct link could access and view them. Latest Videos From You may like Top money transfer site Duc leaks user passport and driving license data info online Millions of hotel goers may have been exposed after hackers steal data and leak it on Telegram The Vimeo data breach exposed personal information of 119,000 people UK Visa Portal applications exposed
The data exposure was caused specifically by a misconfigured cloud storage repository that was entirely public but worse than that, it's also been revealed that the file directory structure allowed used a predictable URL, meaning attackers could easily guess or work out the link even if they didn't have it in the first place.
Most evidently, primary passport pages exposing full names, passport numbers, nationalities, dates of birth, places of birth, and issue and expiry dates were included in the leak, but accompanying documents providing home addresses, contact numbers, email addresses and more provided attackers with even more PII.
TechCrunch reports at least 100,000 documents were available without restrictions, and as of May 26 2026, the issue had still not been addressed.
Many victims likely accessed the third-party website erroneously, believing this was the correct way to obtain an Electronic Travel Authorization a process that the UK government offers in-house for a 20 fee. Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get
all the top news, opinion, features and guidance your business needs to succeed! Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting
your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.
Individuals who may have used the platform are being advised to monitor and protect their credit accounts and to secure online accounts with additional layers like multi-factor authentication and passkeys. Data protection laws also legally require affected individuals to be notified it's unclear if contact has already been made. Follow TechRadar on Google News and add us as
a preferred source to get our expert news, reviews, and opinion in your feeds.
======================================================================
Link to news story:
https://www.techradar.com/pro/security/uk-visa-portal-website-leaks-thousands- of-user-passport-data-and-photos-online
--- Mystic BBS v1.12 A49 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)