A private website operating under the name UK Visa Portal has been found to be publicly exposing the personal identification documents and biometric data of thousands of applicants. The site, which is not affiliated with the official British government immigration services, has reportedly left at least 100,000 sensitive files—including passport scans and applicant selfies—accessible online. Many users have mistakenly utilized this third-party service, believing it to be the official portal for securing U.K. immigration visas.

Investigations into the security lapse confirmed that the data remains exposed, with no clear indication that the company has taken steps to secure the information. The website lacks a dedicated security reporting mechanism, and attempts to contact the firm’s management regarding the vulnerability have been met with silence or redirected to legal and public relations representatives. Due to the extreme sensitivity of the exposed documents, security experts have refused to share specific technical details with general support channels, citing concerns that the information could be further mishandled.

This incident highlights the significant risks associated with using unofficial third-party immigration services. Applicants are strongly advised to verify that they are using the official government website, GOV.UK, when applying for travel authorizations or visas. Because the security flaw remains unpatched, individuals who have previously used the UK Visa Portal are encouraged to monitor their personal information for signs of identity theft or unauthorized use.