A hotel check-in system operated by a technology company exposed personal identification documents belonging to approximately one million customers due to a cloud storage misconfiguration.

The breach occurred when the tech company responsible for maintaining the hotel check-in platform inadvertently set its cloud storage system to public access. This configuration error allowed anyone on the internet to view and access stored customer data without requiring a password or authentication credentials.

The exposed data included sensitive personal identification documents such as passports and driver's licenses that customers had submitted during the hotel registration process. These documents typically contain full names, addresses, identification numbers, and photographs of guests.

The scope of the breach affects roughly one million individuals who used the check-in system at participating hotels. The company has not disclosed the specific timeframe during which the data remained publicly accessible or when the security vulnerability was discovered and addressed.

This incident highlights ongoing concerns about data security practices among companies that handle sensitive customer information, particularly in the hospitality industry where personal identification verification is standard procedure.