A threat actor has allegedly put a massive database for sale on a dark web forum, claiming it contains over 178,000 scanned identity documents belonging to customers of PassportScan. The targeted company, PassportScan.net, is a UK-based cloud service established in London in 2008. It is widely used by the hospitality and rental industries for guest check-ins and Know Your Customer (KYC) verification processes, making it a critical tool for businesses needing to digitally verify identities. The seller claims the entire dataset was exfiltrated from the company’s systems earlier this month, in August 2025.
The threat actor is asking for $30,000 for the database, which allegedly contains high-resolution and fully legible scans sorted by the document holder’s country of origin. The exposure of such sensitive information could lead to severe consequences for the individuals affected, including identity theft, financial fraud, and other malicious activities. According to the forum post, the leaked data includes:
- Passports, national ID cards, driver’s licenses
- Documents used during KYC processes: hotel check-ins, rentals, and more
- Files in JPG format, sorted by country of origin












