Organizers of one of the Middle East's largest investment summits have addressed a data security incident involving the identity information of approximately 700 attendees. The exposed data, which included passport details and other personally identifiable information (PII), belonged to participants of Abu Dhabi Finance Week (ADFW), including former British Prime Minister David Cameron and former White House communications director Anthony Scaramucci.
The exposure was identified by independent security researcher Roni Suchowski, who located the sensitive data on an unsecured cloud storage system associated with the event. As reported by the Financial Times, Suchowski utilized standard software designed to scan cloud services for publicly accessible data repositories.
Scope of Accessible Data
In addition to passports and identification cards, the storage instance contained thousands of documents related to the ADFW summit. Analysis indicates the data may have been publicly accessible for at least two months prior to remediation. A review of the exposed files confirmed that, alongside political figures, the dataset included information on high-profile business leaders such as hedge fund manager Alan Howard, Binance co-CEO Richard Teng, and Lucie Berger, the EU's ambassador to the UAE.
Suchowski disclosed the findings to the Financial Times after encountering difficulties in reporting the issue directly to the organization. Following an inquiry from the media outlet, ADFW secured the server.
In a statement, the organization emphasized its commitment to security protocols. "ADFW takes, and has always taken, data protection and platform security extremely seriously," the organization stated. "The environment was secured immediately upon identification, and our initial review indicates that access activity was limited to the researcher that identified the issue."
Operational Security Implications
Abu Dhabi Finance Week is a central event for the Middle East and North Africa (MENA) financial sector, hosted by the Abu Dhabi Global Market (ADGM). Since its inception in 2022, the summit has expanded significantly. The 2025 edition, held under the patronage of the Crown Prince of Abu Dhabi, attracted 35,000 attendees from over 180 countries, representing firms with more than $62 trillion in assets.
The incident highlight the necessity of rigorous cloud security posture management, particularly for regions establishing themselves as global financial hubs. Abu Dhabi is actively developing its financial infrastructure, recently launching a FinTech, Insurance, Digital, and Alternative Assets cluster projected to contribute $15 billion to the emirate's GDP by 2045. As the region invites international investment through progressive regulation, the assurance of data confidentiality remains a foundational requirement.
The exposure of sensitive data belonging to government officials and business executives presents a clear case for strengthening operational security validation. Cassius Edison, chief operations officer of Closed Door Security, noted the severity of the oversight in the context of high-value targets.
"This leak represents a huge failure in operational security, and an embarrassing one," Edison said. "To host a conference of prominent politicians and business leaders and to not ensure their data is held securely in the most basic way is a huge blunder on the part of ADFW."
Ensuring that storage buckets are private by default and implementing continuous monitoring for misconfigurations are essential steps for organizations handling sensitive attendee data.