What happened
At the December 2025 Abu Dhabi Finance Week (ADFW), scans of more than 700 passports and other identification documents belonging to attendees were found publicly accessible on an unsecured cloud storage server. The exposure was discovered by a security researcher and reported by the Financial Times; the server was secured shortly after the issue was flagged.
Who is affected
The leak included passport and identity details of high-profile figures such as former UK Prime Minister David Cameron, hedge fund billionaire Alan Howard, former White House communications director Anthony Scaramucci, and executives including a co-CEO of Binance and the EU ambassador to the UAE, among others whose records were among the roughly 700 exposed. Tens of thousands of broader event participants were not reported as affected.
Why CISOs should care
This incident underscores persistent risks in cloud security and third-party vendor management—even for large, well-resourced events. Misconfiguration of cloud storage remains a leading cause of sensitive data exposure, with long-term consequences such as identity theft, fraud, and reputational damage for both individuals and hosting organizations. CISOs must treat event technology vendors and cloud-based systems as critical parts of the attack surface, enforce robust access controls, and ensure continuous monitoring to prevent similar lapses.
3 practical actions
- Audit cloud configurations regularly: Implement automated tools and scheduled checks to detect publicly accessible resources and misconfigured storage permissions before they are exploited.
- Strengthen third-party risk management: Include rigorous security requirements, access controls, and monitoring obligations in contracts with vendors handling sensitive data.
- Enhance incident detection and response: Ensure logging, alerting, and rapid response processes are in place so that unusual access patterns are identified and remediated immediately.