ADVERTISEMENT

Hundreds of passport applications exposed at diplomatic institution

Half a thousand passport applications exposed at the Libyan Consulate in Stockholm left an unprotected instance accessible to the public.

Passport data leak and ID

Image by Cybernews.

Vilius Petkauskas
Vilius Petkauskas Deputy Editor
May 21, 2025 Updated: 21 May 2025 1 min read
Stefanie justinasv Paulina Okunyte Konstancija Gasaityte
Be the first to know and get our latest stories on Google News
Add us as your Preferred Source on Google.
  • Full names
  • Dates of birth
  • Email addresses
  • Parental details
ADVERTISEMENT
“With access to complete passport application details, cybercriminals may attempt to forge documents, commit immigration fraud, or engage in other fraudulent activities using stolen identities.”
  • Change the access controls to restrict public access and secure the bucket.
  • Update permissions to ensure that only authorised users or services have the necessary access.
  • Retrospectively monitor access logs to assess whether the bucket has been accessed by unauthorised actors.
  • Enable server-side encryption to protect data at rest.
  • Use AWS Key Management Service (KMS) for managing encryption keys securely.
  • Enforce SSL/TLS for data in transit to ensure secure communication.
  • Consider implementing security best practices, including regular audits, automated security checks, and employee training.

  • Leak discovered: March 2nd, 2025
  • Initial disclosure: March 3rd, 2025
  • CERT contacted: March 10th, 2025
  • Leak closed: March 27th, 2025
ADVERTISEMENT