Oh god that’s pretty bad

> The documents were hosted by systems used by cannabis clubs and a company called Nefos, which operates PuffPal, a platform that manages membership and age verification for cannabis retailers and clubs across Europe. The infrastructure storing these identity documents—full passport scans, driver’s licenses with photos, names, and identifying numbers—was left completely unprotected on publicly accessible web servers.

I cannot imagine the level of fines under GDPR for leaking that much PII

The EU's verification laws will ensure much more of these leaks in the future, and therefore much more fines

Could we update the link to the original article? https://cambridgeanalytica.org/data-breaches-scandals/passpo...

CA article is just AI;dr on a two week old Verge article: https://www.theverge.com/tech/947157/passports-data-breach-c...

Ok, then changing the link to the verge article. Thanks for pointing that out

That's good, just grab one of those whenever your need to prove your age online /s