A Fake UK Visa Site Left 100,000 Passports Wide Open

Key Points:

• A third-party UK visa site, operated by Active Leadgen LLC, exposed sensitive data including passports and selfies of at least 100,000 individuals on a public AWS server.
• The exposure raises significant identity theft concerns as the leaked files contained personal information such as passport numbers and GPS coordinates that could reveal home addresses.
• Immediate actions should include notifying affected individuals, securing any exposed data, and conducting a thorough investigation to understand the extent of the breach and prevent future occurrences.

Technical Details: The exposure was due to a backend bug on the UK Visa Portal website that allowed unauthorized access to files stored in an Amazon S3 bucket. The bucket was secured shortly after the issue was reported by TechCrunch.

MITRE ATT&CK Techniques: None mentioned

IOCs Mentioned: None mentioned