Abu Dhabi Finance Week Resolves Data Breach Exposing Delegate Passports and IDs

Data Breach Impacts Abu Dhabi Finance Week Delegates

Abu Dhabi Finance Week (ADFW) organizers have confirmed the resolution of a data breach that exposed sensitive personal information belonging to a limited subset of its delegates. The incident, which came to light this week, involved an unprotected cloud storage server managed by a third-party vendor, making scans of identity documents publicly accessible.

The breach reportedly affected more than 700 individuals, whose passports and state identity cards were found online. This occurred despite the broader ADFW event, organized by the Abu Dhabi Global Market (ADGM), hosting over 35,000 attendees.

High-Profile Individuals Among Those Affected

Among the prominent figures whose personal details were exposed were former British Prime Minister Lord David Cameron, hedge fund billionaire Alan Howard, and former White House communications director Anthony Scaramucci. Other notable individuals identified in a sample of the exposed files included Richard Teng, co-chief executive of crypto exchange Binance and former CEO of ADGM, and Lucie Berger, the European Union's ambassador to the UAE.

Discovery and Remediation Efforts

The vulnerability was initially discovered by freelance security researcher Roni Suchowski, who noted that the data, including invoices and other files, had been accessible online for at least two months. The server was secured immediately after the Financial Times contacted ADFW about the exposure on Monday, February 16, 2026.

ADFW issued a statement confirming 'a vulnerability in a third-party vendor-managed storage environment relating to a limited subset of ADFW 2025 attendees.' Organizers emphasized that 'the environment was secured immediately upon identification, and our initial review indicates that access activity was limited to the researcher that identified the issue.' Affected attendees have since been informed of the incident.

Implications for Data Security

Cybersecurity experts have highlighted the significant risks associated with such a breach, including potential for identity theft, targeted phishing campaigns, and unauthorized access to online accounts. The incident underscores the critical importance of robust data protection measures, particularly for high-profile international events that handle sensitive personal information through third-party vendors.