"Al Jazeera confirmed the system vulnerability this week, following a tip from a source with a background in web development. list of 3 itemsend of list The source provided Al Jazeera with information about the at-risk data as well as evidence that they had taken their concerns to the Somali authorities last week to make them aware of the vulnerability."
"Breaches involving sensitive personal data are particularly dangerous as they put people at risk of various harms, including identity theft, fraud, and intelligence gathering by malicious actors, Bridget Andere, senior policy analyst at digital rights group Access Now, told Al Jazeera. This week, Al Jazeera was able to replicate the vulnerability identified by our source. We were able to download e-visas containing sensitive information from dozens of people in a short time."
Somalia's e-visa website lacks proper security, exposing thousands of e-visas with passport numbers, full names, and dates of birth. A source with a web development background reported the vulnerability, provided evidence, and said Somali authorities did not respond to the alert. Independent replication of the flaw allowed rapid downloading of e-visas from dozens of people, including nationals from Somalia, Portugal, Sweden, the United States and Switzerland. Officials launched an inquiry after a hacking breach a month earlier, yet the system was redeployed. Digital-rights experts warn such exposures risk identity theft, fraud and hostile intelligence gathering.
Read at www.aljazeera.com
Unable to calculate read time
Collection
[
|
...
]