Tens of thousands of digitization of tourist identity papers were stolen from Italian hotels servers and sold on the Dark Web, alerted the Italian digital agency (AGID).
The AGID “detected an illegal sales documents activity that would have been stolen from hotels operating on Italian territory,” she said in a press release consulted on Thursday by AFP.
“These are dozens of thousands of high-resolution passports, identity cards and other identity documents used by customers during check-in operations,” said the press release.
The agency, in several successive press releases in recent days, evokes nearly 100,000 documents stolen.
The author having put these documents for sale, known by the pseudonym “Mydocs”, said having obtained them “thanks to unauthorized access to computer systems, between June and August 2025”.
In total, ten hotels installed on Italian territory are affected by this hacking, but “it is not excluded that other cases can emerge in the coming days”, warn the authorities.
The agency also alerts the “consequences for the victims which can be serious, both economically and legal”, recalling that these data, once stolen, “can be used for fraudulent purposes: creation of false documents, opening of bank accounts, digital identity theft”.
Hotels and hotel reservations are regularly targets of cyber attacks, Marriott, Caesars and the Booking.com groups have notably been victims.
