by Nina Vaclavikova
Interview: Maurizio Giudici, president of Federalberghi Trieste
A cyberattack attributed to the hacking group “mydocs” has compromised personal identification data from several hotels in Italy and abroad between June and July, according to Italian authorities. The breach, which involved the theft of high-resolution scans of passports and identity cards used during check-in, affected four hotels and resulted in the exposure of roughly 70,000 documents.
Among the hotels targeted was the Hotel Continentale in Trieste, where hackers are believed to have obtained around 17,000 guest documents. The hotel’s management has not commented on the incident.
Maurizio Giudici, president of Federalberghi Trieste, said that the property management systems used by hotels typically store encrypted guest data for a limited period. The decision to retain scanned copies of documents, he added, rests with individual hotel operators. Giudici also emphasized that cybersecurity is a well-known concern in the hospitality industry, with hoteliers regularly investing in updates and safeguards.
The stolen material, initially blurred with pixelation, was later offered for sale on an online forum for amounts ranging from €800 to €10,000. Italy’s national digital agency, Agenzia per l’Italia Digitale (Agid), first reported the breach on August 6 and issued updates on August 8 and 11. The country’s postal police have been alerted and are investigating.
Industry representatives note that hotels are not legally permitted to permanently store guest documents. However, if hackers gain access to the scanning equipment, they can intercept copies transmitted to police authorities for registration purposes. Cybersecurity specialists warn that smaller, less-protected establishments are at the highest risk of such attacks.
