UK, US Embassies Warn of Major Breach in Somalia’s eVisa System

The UK and US embassies in Somalia have warned that cyber attackers infiltrated Somalia’s eVisa system, resulting in the exposure of sensitive personal data for thousands of travellers.

 

In a recent press release, the U.S. Embassy in Somalia stated that on November 11, it received multiple credible reports indicating that unauthorised threat actors had infiltrated Somalia’s e-visa system, gaining access to the personal data of at least 35,000 individuals, potentially including thousands of U.S. citizens.

 

Leaked data included visa applicants’ names, photos, dates and places of birth, email addresses, marital status, and home addresses.

 

“While Embassy Mogadishu is unable to confirm whether an individual’s data is part of the breach, individuals who have applied for a Somali e-visa may be affected,” the U.S. Embassy in Somalia said.

 

A similar warning has been issued by the U.K government, asking travravellers to “Consider the risks before applying.”

 

“Leaked data from the breach includes visa applicants’ names, photos, dates and places of birth, email addresses, marital status, and home addresses. This data breach is ongoing and could expose any personal data you enter into the system,” government officials said.

 

While officials of the Somali Government did not comment on the claims of a data security incident, it has shifted its visa service from evisa.gov.so to etas.gov.so, without providing an official explanation.

 

Also, Somaliland’s Foreign Minister, Abdirahman Dahir Aadan, stated that all travellers to Somaliland will receive visas on arrival, asserting that Somalia’s e-visa system is unsafe. He warned that using the system could result in personal data falling into the hands of extremist groups.

 

The director-general of the Somali immigration agency rejected media reports about the breach, describing them as “coordinated misinformation campaigns” aimed at undermining state institutions.