Somalia’s e-visa system suffers a catastrophic breach exposing over 35,000 passport records, including Western diplomats and alleged mercenaries, as hackers claim control of the platform and accuse Mogadishu of corruption and espionage.
A Digital Meltdown in Mogadishu
MOGADISHU — When Somalia’s official electronic visa portal abruptly went offline early Monday, officials called it “routine maintenance.” By nightfall, that story had collapsed.
Hackers claimed responsibility for a massive cyber intrusion into etas.gov.so, Somalia’s national e-visa system — an attack they branded “The Digital Heist.” They released links to thousands of leaked files, including what appear to be scanned passports, biometric data, and visa applications belonging to citizens from more than a dozen countries.
Cybersecurity analysts now call it one of Africa’s largest-ever government data breaches.
“This isn’t just a hack — it’s a digital coup,” said a Nairobi-based cybersecurity analyst who reviewed the data. “Somalia’s digital sovereignty has effectively been taken hostage.”
“We Have Seized the Keys”
In a manifesto posted online, the hacker collective declared victory with chilling confidence:
“The Digital Heist is over. We have seized the keys to etas.gov.so. This so-called immigration system is a $64 digital shakedown — a corrupt scheme to strangle Somaliland and control every traveler through Mogadishu’s gates.”
Their claims were explosive. They alleged Somalia’s e-visa portal was not directly managed by the federal government but outsourced to Empire Tech Solutions, a Nairobi-based private contractor — operated through unsecured Gmail accounts such as hassanalasow@gmail.com and emmanuelianodhiambo@gmail.com.
A Saxafi Media analysis of publicly available domain records and internal metadata confirmed the listed Gmail addresses were associated with the system’s domain registration and server management.
“Your national security is for sale,” the hackers wrote. “And the price is a Gmail password.”
35,417 Passport Records Leaked
Within hours, cybersecurity specialists confirmed the extent of the exposure. A partial sample of the leaked data reviewed by The Saxafi Media showed 35,417 passport records compromised — including 5,546 applicants from the U.S., U.K., and Australia.
Each record contained full names, nationalities, scanned passports, and in some cases biometric identifiers.
Among the leaked data were records belonging to aid workers, diplomats, and private contractors operating in Somalia and neighboring countries.
“You cannot run a sovereign nation’s immigration system through a Gmail inbox,” said Dr. Leila Nur, a cybersecurity researcher at the University of Nairobi. “It’s digital negligence of the highest order.”
The Somali Immigration and Citizenship Agency (SICA) acknowledged a “possible compromise” but has yet to issue a full statement.
Colombian Mercenaries and a Shadow Network
Then came the most alarming discovery. Within the leaked database, investigators found dozens of Colombian nationals of military age who entered Somalia on short-term visas before traveling onward to Sudan.
Western intelligence sources, speaking anonymously, said at least two names matched those of former Colombian soldiers later seen in video footage fighting alongside Sudan’s Rapid Support Forces (RSF).
Regional analysts now suspect the e-visa platform was being exploited — possibly with state complicity — to facilitate covert mercenary transfers across the Horn of Africa.
“The data shows bulk visa processing for Colombian operatives,” said one regional security consultant. “That’s not coincidence — it suggests coordination at a very high level.”
If verified, the revelation could expose a clandestine logistics pipeline stretching from Bosaso and Mogadishu to Darfur — linking Somalia’s fragile digital infrastructure to one of Africa’s bloodiest conflicts.
Government Denials and Mounting Questions
Somalia’s Interior Minister, Ahmed Mo Fiqi, dismissed the allegations as “baseless fabrications from enemies of Somalia’s progress.”
“The government of Somalia has no involvement in any foreign military transfers,” he said in a televised statement. “This was a criminal cyberattack designed to discredit our institutions.”
But cybersecurity experts say the structural flaws in Somalia’s digital infrastructure — coupled with its opaque outsourcing — make such denials difficult to believe.
“This is not a random hack,” said James Clarke, a Nairobi-based security consultant. “It’s a systemic failure born of corruption, negligence, and political opportunism.”
Diplomatic Fallout and Western Response
The diplomatic fallout has been immediate.
The U.S. State Department confirmed that data belonging to American citizens who applied for Somali visas may have been compromised. It advised affected individuals to contact the National Passport Information Center for guidance.
The U.K. Foreign Office issued a similar advisory, warning British applicants to “monitor for possible identity theft and cyber exploitation.”
“This is not just a technical failure,” said Clarke. “It’s a national security failure that puts real lives in danger.”
European Union officials are reportedly reviewing Somalia’s eligibility for digital aid grants tied to cybersecurity development.
A System Built on Sand
Critics have long questioned Somalia’s aggressive digitalization under President Hassan Sheikh Mohamud, accusing his government of creating a “privatized state within a state.”
From tax collection to passport processing, many digital services have been outsourced to private vendors operating with little oversight — often paid through transaction-based revenue models.
The e-visa scandal may now unravel that entire strategy.
“Digital governance without accountability is like building a palace on sand,” said Abdirahman Warsame, a digital policy researcher in Hargeisa. “It looks impressive — until the first storm hits.”
Somaliland’s Shadow and the $64 Question
In Hargeisa, the capital of Somaliland, the hack reignited long-standing anger over Mogadishu’s control of the federal visa system.
The platform, which charges $64 per application, requires even Somaliland-bound travelers to apply through Mogadishu — a policy many view as a political tool disguised as digital reform.
“It’s not about convenience; it’s about control,” said Hassan Muse, a former Somali digital policy adviser. “Whoever controls the border data controls the money — and the narrative.”
Hackers echoed this sentiment, framing their attack as resistance rather than sabotage. Operating under the codename “Operation Birjeex 2025,” they invoked the legacy of the Somali National Movement (SNM) — the guerrilla group that led Somaliland’s independence struggle in the 1980s.
“The legacy of our forefathers is a storm you cannot weather,” the group’s statement read. “The SNM are still alive.”
The Broader Cybersecurity Crisis
Cybersecurity experts say the breach exposes far more than a technical flaw — it highlights the fragility of governance in a state built on digital dependency.
“The Somali government’s rush to digitize public services was never matched with cybersecurity investment,” said Dr. Lina Abdirizak, an information security expert in Nairobi. “What we’re seeing is the predictable collapse of that imbalance.”
With the personal data of diplomats, aid workers, and defense contractors now online, international agencies fear the information could be exploited by Al-Shabaab or transnational criminal networks.
“Imagine entering Somalia to train counterterrorism forces,” said a Western intelligence official. “Now your passport and biometric data are in a public dump file. That’s not just embarrassing — it’s dangerous.”
A Digital Reckoning
As of Wednesday, etas.gov.so remained offline. The Somali government has promised to “rebuild a secure system,” but international trust is eroding rapidly.
“This crisis is a mirror,” said Dr. Nur. “It reflects how corruption and incompetence can turn technology from a shield into a sword.”
For a country struggling to rebuild institutions after decades of conflict, the Digital Heist represents more than a data breach — it is a warning that the next great battle for the Horn of Africa’s sovereignty may not be fought with guns or soldiers, but with passwords.
