Filed under "shit I can't believe is still happening in 2026 but here we are": 1+ million photo IDs and selfies from a hotel check-in system left publicly exposed online for anyone to find.

Reply to Filed under "shit I can't believe is still happening in 2026 but here we are": 1+ million photo IDs and selfies from a hotel check-in system left publicly exposed online for anyone to find. on Sun, 17 May 2026 15:39:35 GMT

jayalane@mastodon.online — Sun, 17 May 2026 15:39:35 GMT

@zackwhittaker wow public bucket. First thing to do at a new job to learn the AWS infra is scan all the S3 buckets for public and for encryption. And versioning (to know how much caution is needed ).

Reply to Filed under "shit I can't believe is still happening in 2026 but here we are": 1+ million photo IDs and selfies from a hotel check-in system left publicly exposed online for anyone to find. on Sun, 17 May 2026 09:00:53 GMT

morfil@climatejustice.social — Sun, 17 May 2026 09:00:53 GMT

@zackwhittaker wouldn't the value of any one individual ID and accompanying info, go down to close to zero when so many of them get 'inadvertently published'? Like how many personal data has to be stolen before it becomes no longer a viable business model to steal it?

Reply to Filed under "shit I can't believe is still happening in 2026 but here we are": 1+ million photo IDs and selfies from a hotel check-in system left publicly exposed online for anyone to find. on Sat, 16 May 2026 09:50:54 GMT

m33@mastodon.social — Sat, 16 May 2026 09:50:54 GMT

@zackwhittaker that kind of news, the emerging of AI discovering vulnerabilities everywhere makes me seriously reconsider my blue team job.

Not worth it anymore, does it?
Either switch to red team or another field in computing.

Probably AI since totally computer science illiterate get praised more than any other IT staff nowadays

Reply to Filed under "shit I can't believe is still happening in 2026 but here we are": 1+ million photo IDs and selfies from a hotel check-in system left publicly exposed online for anyone to find. on Fri, 15 May 2026 21:14:46 GMT

canleaf@mastodon.social — Fri, 15 May 2026 21:14:46 GMT

@Li @zackwhittaker Because it is a legal requirement to see the id and provide a meldeschein. Some even scan your passport

Reply to Filed under "shit I can't believe is still happening in 2026 but here we are": 1+ million photo IDs and selfies from a hotel check-in system left publicly exposed online for anyone to find. on Fri, 15 May 2026 20:12:00 GMT

li@tech.lgbt — Fri, 15 May 2026 20:12:00 GMT

@zackwhittaker why the fuck do hotels even ask for your ID anyway ...

Reply to Filed under "shit I can't believe is still happening in 2026 but here we are": 1+ million photo IDs and selfies from a hotel check-in system left publicly exposed online for anyone to find. on Fri, 15 May 2026 19:59:39 GMT

zackwhittaker@mastodon.social — Fri, 15 May 2026 19:59:39 GMT

I really want to make two important points about this story.

I get there's a lot of AI buzz right now, but companies *still* aren't doing basic cybersecurity stuff. That's what's mostly causing major hacks and data lapses of late.

Plus: Governments rolling out age-verification laws and private companies expanding "know your customer" ID checks should seriously think again. Exposed passports and driver's licenses undermine these already-crap systems.

A hotel check-in system left a million passports and driver's licenses open for anyone to see | TechCrunch

The tech company that maintains the hotel check-in system set its cloud storage to public, allowing anyone to access customers' data without a password.

TechCrunch (techcrunch.com)

Reply to Filed under "shit I can't believe is still happening in 2026 but here we are": 1+ million photo IDs and selfies from a hotel check-in system left publicly exposed online for anyone to find. on Fri, 15 May 2026 19:58:54 GMT

fluffykittycat@furry.engineer — Fri, 15 May 2026 19:58:54 GMT

@zackwhittaker remember to always have a fake ID for age verification and checking in to a hotel. It's like using a VPN but for ID checks, basic security hygiene