UK Visa Portal leaked applicants' passports and selfies — firm sent lawyers, not fixes

An IT update: the UK Visa Portal exposed passports and selfies of thousands of applicants.
- An anonymous tip to TechCrunch found an open Amazon S3 bucket with up to 100,000 files.
- Many photos contained geotags; in several cases home addresses could be identified.
- The site is not government-run; users paid a third-party service rather than GOV.UK.
- Instead of promptly fixing the issue, the company deployed lawyers and PR; management was unresponsive. The bucket was secured only after publication.
Why this matters: leaking ID data increases fraud risk and may trigger notification obligations to affected individuals and regulators.
Do you think vetting such services before payment is sufficient?
#cybersecurity #data #IT #privacy


Latest comments
No comments yet.