Particle.news
Download on the App Store
7 ARTICLES
·
10h ago

UK Visa Portal Left About 100,000 Passport Scans and Selfies Exposed

A misconfigured Amazon cloud storage bucket with a backend bug left sensitive images and location data open to anyone with the file URLs, raising fresh concerns about third‑party visa intermediaries and Britain’s digital ID plans.

Detailed view of British United Kingdom tourist visa in passport, showing UK travel multivisa in close-up, official document, travel approval
Image

Overview

  • TechCrunch reported the exposure and verified that roughly 100,000 passport images and biometric selfies were accessible, and the storage was secured hours after the story published on Wednesday.
  • The files were readable because an Amazon‑hosted storage bucket was misconfigured and a backend site bug allowed anyone with direct file URLs to view uploaded documents.
  • Journalists confirmed the data by contacting affected people and found many photos contained precise location metadata, in some cases accurate enough to show home addresses.
  • The site gave no clear security contact and did not respond directly to reporters; outreach produced responses from purported lawyers and a PR firm rather than verified management, and it is unclear whether users or regulators have been notified.
  • The incident highlights risks of commercial intermediaries that mimic government services, points to common cloud‑storage failures, and could increase scrutiny of the UK’s digital ID plans and data‑breach notification practices.