![UK Home Office](https://media.cybernews.com/images/featured-big/2025/01/uk-home-office.jpg)
Healthcare professionals trying to work in the UK may have had their passport details exposed – if hacker claims of infiltrating the Home Office’s database are true. The ministry said it's investigating the hacker claims.
Attackers claim to have breached the UK Home Office’s Department of Visas and Immigration (UKVI) database, accessing details of over 171,000 foreign workers. The Cybernews research team has analyzed the limited data sample and believes that the data is legitimate.
UKVI is responsible for processing visa applications and managing immigration to the UK. The department takes care of everything from student visas to permanent residency permits.
At this point the leak is not confirmed, and it is now known whether the attack is limited to one Home Office department. However, Home Office told Cybernews the institution is aware of the claims and is looking into it.
“We are aware of reports regarding an incident affecting UK Visas & Immigration and we are urgently investigating the validity of these claims,” Home Office's representative said.
![Post](https://media.cybernews.com/2025/01/immigration-post.png)
Attackers posted the data sample on a well-known data leak forum that cyberbandits use to acquire and peddle stolen information. According to the post, stolen details include:
- Work permits
- UK visas
- Residence permits
- Passports
- Bank statements
- Certificates of employer sponsorship
While it’s not entirely clear how recent the data is, the data samples provided show individuals who had their work permits issued in 2023.
The post claims that all of the exposed individuals are involved in the healthcare industry. The limited data sample supports the attackers’ claims. Moreover, the attackers seemingly still have access to the database, claiming it’s periodically updated with new submissions.
If confirmed, the attack would severely endanger the privacy of impacted individuals. For one, cybercrooks who possess the stolen details could craft a sophisticated identity theft attack, opening up bank accounts, applying for loans, and, at least in theory, applying for false IDs.
The combination of a government ID with a bank statement is particularly dangerous since many UK-based organizations require the pair to verify applicants’ identities.
Additionally, attackers could resort to social engineering attacks. Malicious actors are already aware that potentially exposed individuals are foreign workers, which allows them to pose as fake immigration offers and attempt to extort unsuspecting victims.
Potentially exposed individuals should be particularly cautious about any immigration correspondence as well as monitor their bank account statements for any unusual activity.
Updated on January 9th [08:00 a.m. GMT] with a statement from the Home Office.
Your email address will not be published. Required fields are markedmarked