Somalia's government has confirmed a major data breach of its electronic visa system, exposing the sensitive personal information of over 35,000 travellers. The incident has prompted warnings from the US and UK, raising serious concerns over digital infrastructure security.
Cyber News Centre's cyber update for 17th November 2025: Somalia’s Immigration and Citizenship Agency has confirmed a significant breach of its e-visa system, compromising the personal details of over 35,000 travellers and triggering urgent international cybersecurity advisories.
The Somali government's Immigration and Citizenship Agency is responsible for border control, issuing passports, and managing the country's visa processes. The agency recently launched the electronic visa system to digitise and centralise travel authorisation for all visitors to the country.
The Immigration and Citizenship Authority (ICA) confirms that it has detected an unlawful breach targeting parts of the data of individuals travelling to Somalia (e-Visa). The attempt was immediately identified and swiftly prevented.
— SNTV News (@sntvnews1) November 16, 2025
The Government of Somalia is treating this… pic.twitter.com/tN7Om8V1vg
Update: Somalia's government has confirmed its electronic visa system was penetrated by unidentified hackers, exposing the personal data of at least 35,000 travellers, including thousands of US citizens. The breach prompted the US and UK to issue security alerts, warning that the compromise is ongoing and any new data entered into the system is at risk. Leaked information reportedly includes names, photos, birth dates, and home addresses.
In response, Somalia's Security Minister, Abdullahi Sheikh Ismail Fartag, dismissed the deputy director of the Immigration and Citizenship Agency, Mohamed Kasim, citing the need to strengthen the agency's performance.
The government has since moved its visa service to a new website without official explanation, and the original portal has been taken offline. An investigation is underway to determine the origin and full extent of the attack, which represents one of the most significant cybersecurity failures in the nation's history.
The reshuffle came only hours after the Immigration and Citizenship Agency acknowledged that its online visa platform had been breached, a development first reported by Somali Guardian. Officials confirmed an investigation is underway to determine who was behind the intrusion and to assess the full extent of the damage.
Why it Matters: This breach severely undermines confidence in Somalia's digital infrastructure at a critical time of state-building and digitisation. For the 35,000+ affected travellers, the exposure of sensitive personal and travel data creates immediate risks of identity theft, targeted phishing, and potential physical threats, especially for diplomats and intelligence personnel who have reportedly left the country. The incident also fuels political tensions with the self-declared republic of Somaliland, which had warned the system was unsafe. The failure to protect such critical data erodes trust between international partners and the Somali government, potentially impacting foreign investment, aid, and diplomatic relations.
Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
CISA has added an actively exploited LiteSpeed cPanel Plugin flaw to its KEV catalogue, with hosting providers urged to patch or remove the vulnerable user-end plugin.
CISA’s latest KEV update mixes new Microsoft Defender flaws with legacy Windows and Adobe bugs, showing why exploited risk often sits in forgotten systems.
Microsoft has confirmed active exploitation of CVE-2026-42897, putting exposed on-prem Exchange and Outlook Web Access environments back under pressure.
NGINX Rift shows how a small rewrite-rule pattern can become a large operational risk. The flaw is not a universal one-request takeover, but exposed NGINX estates should still treat patching and configuration review as urgent.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
