Somalia’s new electronic visa website lacks proper security protocols, which could be exploited by nefarious actors wanting to download thousands of e-visas containing sensitive information, including individuals’ passport details, full names, and dates of birth.Al Jazeera confirmed the system vulnerability this week, following a tip from a source with a background in web development.Recommended Stories list of 3 itemsend of listThe source provided Al Jazeera with information about the at-risk data as well as evidence that they had taken their concerns to the Somali authorities last week to make them aware of the vulnerability.The source said that despite their efforts, there had been no response from the authorities and the issue had not been fixed.“Breaches involving sensitive personal data are particularly dangerous as they put people at risk of various harms, including identity theft, fraud, and intelligence gathering by malicious actors,” Bridget Andere, senior policy analyst at digital rights group Access Now, told Al Jazeera.This new security weakness comes a month after officials said they launched an inquiry after hackers breached the country’s e-visa platform.This week, Al Jazeera was able to replicate the vulnerability identified by our source.We were able to download e-visas containing sensitive information from dozens of people in a short time. This included the personal details of people from Somalia, Portugal, Sweden, the United States and Switzerland.Al Jazeera sent questions to the Somali government and alerted them about the system flaw, but did not receive a response. Advert …
