Italian authorities have revealed that tens of thousands of passport and ID scans belonging to tourists have been stolen from hotel servers and are now being sold on the dark web.
In a statement on Wednesday, Italy’s national digital agency said it had “detected illegal sales of identity documents allegedly stolen from hotels operating in Italy.” The stolen data includes high-resolution scans of passports, identity cards, and other identification documents collected during check-in procedures.
According to the agency, nearly 100,000 documents were stolen by a hacker using the pseudonym “mydocs,” who claimed to have obtained them through unauthorised access to hotel computer systems between June and August 2025.
The breach has so far been confirmed at 10 hotels, though officials warned more cases could surface. The exact locations of the affected hotels were not disclosed.
Authorities cautioned that the compromised data could be exploited to create fake IDs, open fraudulent bank accounts, or facilitate other forms of identity theft. Victims have been urged to monitor their personal information and report suspicious activity.
The incident highlights growing cybersecurity vulnerabilities in the hospitality sector, where hotels routinely collect sensitive personal data from guests. An investigation into the breach and the sale of the stolen documents is ongoing.
Written By Rodney Mbua
