Stolen Identities of Over 50,000 Italian Vacationers
In a troubling turn of events, a cybersecurity incident known as the Mydocs hack has compromised the personal data of thousands of tourists and business travelers in Italy and Spain. The breach, which occurred between June and August 2025, has affected at least 10 hotels, including luxury establishments in cities like Venice, Trieste, Capri, and Mallorca, Spain.
The Mydocs hacker group, notorious for its brazen data thefts, is responsible for this large-scale data breach. The group has stolen nearly 100,000 high-resolution scans of passports, ID cards, and other identification documents from tourists and guests during hotel check-in.
These documents, which consist of scanned identity documents submitted by guests as part of hotel registration requirements, many processed digitally by hotel systems, are being sold on dark web forums in batches totaling around 90,000 to 100,000 scans. Prices range from approximately €800 to €10,000 per dataset, depending on the content.
The affected hotels range from luxury to upper-tier establishments, especially in high-tourism Italian cities mentioned above, and at least one hotel in Mallorca. The four-star "Ca' dei Conti" hotel in Venice, for instance, has been affected, with approximately 38,000 documents compromised.
Italian authorities, including the Agency for Digital Italy (AgID) and the national cybersecurity CERT-AGID, have confirmed the breach and are conducting investigations. They emphasize the high risk of fraud, identity theft, and social engineering attacks stemming from this data leak.
The full list of breached hotels has not been officially disclosed, but investigations and cybersecurity analyses are ongoing. Guest victims have been urged to remain vigilant for phishing and fraudulent activities using their stolen data.
This incident underscores the continued cybersecurity risks within the hospitality sector. The stolen documents pose a significant risk for identity theft and other forms of fraud, highlighting the need for enhanced security measures in the industry.
- The stolen high-resolution scans of passports, ID cards, and other identification documents from tourists and guests during hotel check-in are being sold on dark web forums, showcasing the increased threat of identity theft and fraud in the general-news landscape.
- The Mydocs hacker group, Notorious for its brazen data thefts, has demonstrated how technology can disrupt people's lifestyles, as shown by the cybersecurity incident that compromised the personal data of thousands of tourists and business travelers in Italy and Spain.
- Amidst the growing concerns for cybersecurity, the travel industry, particularly luxury hotels in high-tourism cities like Venice, Trieste, Capri, and Mallorca, Spain, are grappling with the reality of enhancing their security measures to counteract the increasing exposure to crime-and-justice incidents like the Mydocs hack.
