Facebook Twitter (X) Instagram Somali Magazine - People's Magazine
When Hamdi Mohamed applied for a Somali e-visa in September 2025, the experience felt surprisingly easy. She uploaded a scan of her passport, filled in her personal details, and submitted her contact information through an official government website. The process took only minutes and looked professional. To her, it felt like a sign that Somalia was finally making progress in digital services.
That confidence did not last long. Weeks later, reports emerged that Somalia’s new e-visa system had been breached, exposing the personal information of more than 35,000 applicants. The leaked data reportedly included passport details and contact information of travelers from several countries, including the United States and the United Kingdom. For Mohamed, the news was deeply unsettling. After seeing images of other people’s passports circulating online, she feared her own data might also be shared. The uncertainty, she said, has been hard to live with.
The breach has become one of Somalia’s most serious digital failures, turning what began as a technical problem into a wider crisis affecting public trust, national security, and international relations. The e-visa platform, launched on September 1, 2025, was part of the government’s push to modernize public services and strengthen border control. Officials had promoted it as a tool to improve efficiency and reduce security risks, including the threat of militants entering the country. Instead, the system itself became a major weakness.
Preliminary findings show that attackers were able to access a large database containing sensitive applicant information. While authorities have not shared full technical details, they confirmed that the breach went undetected for a long period. A government task force has been formed to investigate the incident, and officials say legal action could follow. However, many questions remain unanswered, including who built the system, how it was tested, and why basic safeguards failed. Efforts to get comments from immigration authorities have so far been unsuccessful.
For travelers and the Somali diaspora, the impact is personal and immediate. Travel agents say many clients are now hesitant to use the online visa system, with some turning to informal alternatives that are more expensive and less predictable. While some agents say the platform is still functioning, others report widespread fear and confusion among applicants. Many diaspora Somalis say the incident confirms long-standing concerns about weak data protection and misuse of personal information.
Cybersecurity experts argue that the breach was not caused by advanced hacking but by poor governance. According to Bashir Dhore, a certified cybersecurity professional, the system was left exposed due to weak access controls, lack of oversight, and the absence of regular security audits. He said the problem could have been prevented and described it as an institutional failure rather than a technical one. The server hosting the data was reportedly misconfigured, making sensitive information publicly accessible despite earlier warnings.
Concerns grew further when the government quietly changed the visa website’s address without explaining why. Former telecommunications minister Mohamed Ibrahim said the lack of transparency only made matters worse. He argued that while Somalia may not have advanced technology, the public still deserves clear communication when serious problems occur.
The fallout has also deepened political tensions. Authorities in Somaliland and Puntland rejected the federal e-visa system, citing security risks and constitutional concerns. Somaliland announced it would not allow entry to travelers using the federal e-visa, while Puntland insisted on collecting entry fees at its own airports. These moves have added to existing friction between regional administrations and the federal government.
International partners have taken notice. The United Kingdom warned its citizens that the breach was ongoing and advised them to carefully consider the risks before applying for a Somali e-visa. The United States also urged applicants to assume their data may have been affected. Comparisons have been drawn with neighboring countries like Kenya and Uganda, where e-visa systems operate under stronger data protection laws, independent oversight, and clearer public communication.
As Somalia continues to roll out other digital public services, including national identity and verification systems, the e-visa breach stands as a warning. For applicants like Hamdi Mohamed, the issue is no longer about technology but accountability. Until clear responsibility is established, confidence in Somalia’s digital future remains fragile.