A hotel check-in platform called Tabiq exposed more than a million customer passports, driver’s licenses, and selfie verification photos on the open web after its operator, Japan-based startup Reqrea, left an Amazon cloud storage bucket publicly accessible. A security researcher discovered the leak by browsing the bucket using only its name “tabiq,” and TechCrunch alerted Reqrea and JPCERT. Reqrea later locked down the bucket, but said it doesn’t know how it became public or whether anyone accessed data beforehand.
Swipe through stories, personalise your feed, and save articles for later — all on the app.
