...
...
Next Story

Security flaw in online UK visa

This flaw means that the details of 50,000 people may have been available online and that is a potential treasure trove for identity thieves and terrorists, reports Vijay Dutt.

Updated on: May 20, 2007 03:04 AM IST
None | By , London
Prefer HTon Google
Advertisement

An exclusive Channel 4 exposure of an alleged security flaw in Internet visa applications to the British High Commission in India has reportedly caused ripples in the Foreign Office.

HT Image
HT Image

This flaw means that the details of 50,000 people may have been available online and that is a potential treasure trove for identity thieves and terrorists. So far there has not been a hint of any radical coming from India but there is the possibility of identity theft by radicals.

The TV channel claimed that the personal details of thousands of people wanting to travel to the UK online was unsecured and available to anyone who simply altered a website address.

After the revelation, the Foreign Office posted a notice on May 17, saying that the VFS Global Ltd provides an on-line application system for UK visa applicants in India, Russia and Nigeria. Due to a technical problem the VFS online application system is currently unavailable. Customers applying for visas in these countries should contact their nearest visa application system for information.

Lord Triesman reacting to the reported breach said, "Security is paramount in our visa system. We will conduct an immediate thorough and independent investigation into this reported breach of one of our commercial partners' systems. The VFS website application service has been shut down.”

In April last year he had trouble with his application and in trying to sort things out, he discovered that he could access all the other applications that had been made online. Visa processing in India has been outsourced out for some years now by the Foreign Office to a private Indian company, VFS Global.

The TV report said that in a blog last week Sanjib Mitra revealed how he had checked and found the loophole was still there. He said that he emailed the company last year, and heard nothing. Concerned, he alerted specialist computer security journalist Davey Winder who investigated the breach.

Having determined the information was still vulnerable, and succeeded in getting VFS Global to secure the database, Winder contacted Channel 4 News. No one knows if anyone has stolen the personal data that was so freely available.

vdutt@aol.com

 
Get the latest headlines from US news and global updates from Pakistan, Nepal, UK, Bangladesh, Russia and US Iran war Live, get all the latest headlines in one place on Hindustan Times.
Get the latest headlines from US news and global updates from Pakistan, Nepal, UK, Bangladesh, Russia and US Iran war Live, get all the latest headlines in one place on Hindustan Times.
SHARE THIS ARTICLE ON
Hindustantimes wants to start sending you push notifications. Click allow to subscribe