Nearly a million passports exposed on the public internet—and anyone could access them with a simple URL
Summary
Nearly a million passports and driver’s licenses were exposed on publicly accessible web servers with no authentication or encryption. The exposure occurred due to misconfigured storage used for identity verification data, allowing anyone with a URL to access sensitive documents for months. The piece emphasizes data stewardship failures, potential identity theft risks, and regulatory questions.