They were all sitting unprotected at public URLs, with no password or access control of any sort. If I sent you a link, you could have looked at someone’s passport. www.theverge.com/tech/947157/...
Ever give your photo ID to a cannabis club in Spain?
