Last updated: July 5, 2026 at 9:01 AM UTC
All 557 Vulnerability 199 Breach 106 Threat 245 Defense 7
Tag: passport (2 articles)Clear

Fake 'UK Visa Portal' third-party (Active Leadgen LLC) exposed 100,000 passports and selfies on public AWS S3

TechCrunch has flagged a public AWS S3 bucket operated by a UAE-registered third-party site, UK Visa Portal (Active Leadgen LLC), that exposed at least 100,000 passport scans and selfies belonging to people who paid extra to apply for UK electronic travel authorizations. The site is not the official GOV.UK service; users could complete the same application directly on GOV.UK in minutes for free. The third party reportedly responded with legal threats instead of remediation. The dataset is now in the wild and creates substantial identity-document compromise risk - passport scans plus selfies enable KYC bypass against banks, exchanges, and government services.

Check
Brief staff that 'UK Visa Portal' and similar third-party visa-help sites are not GOV.UK and may leak documents. Anyone who uploaded a passport to ukvisaportal.com should treat it as compromised.
Affected
100,000+ individuals (and counting) who used Active Leadgen LLC's UK Visa Portal site. Passport scans plus selfies enable KYC bypass against banks, exchanges, and government services.
Fix
Affected individuals: report passport as potentially compromised; consider replacement. Banks/exchanges: tighten document-plus-liveness verification against AI-generated impersonations using leaked identity documents.

France arrested a 15-year-old as the suspected hacker behind the French government ID agency breach - 11.7 million records confirmed stolen

Update on the ANTS breach we covered April 22: French police detained a 15-year-old on April 25, suspected of running the breach3d alias and stealing data from France Titres (ANTS), the agency that issues French ID cards, passports, and driver's licenses. The Paris Prosecutor's Office charged the minor on April 29 with three offenses carrying up to seven years in prison. ANTS now confirms 11.7 million accounts affected - lower than the original 19 million claim but still one of the largest leaks of French citizen identity data ever. Exposed data includes full names, email addresses, dates of birth, postal addresses, and phone numbers.

Check
If you live or operate in France, watch for highly-targeted phishing referencing real ID details over the next 90 days - the breach data is now confirmed in attacker hands.
Affected
11.7 million French residents whose ID data, contact details, and dates of birth are in the breach3d dataset. Acute risk for individuals who used these details to create accounts at French government services or banks. Organizations operating in France that use government-issued ID for KYC checks need to assume their data sources are tainted.
Fix
ANTS recommends affected users reset passwords on government and banking accounts and watch for impersonation messages claiming to be ANTS or La Poste. Treat any inbound email referencing your real ANTS data as hostile. KYC checks based on French government ID numbers should be backed by additional verification (face match, document liveness check) for the next 12 months.