German Tracking Firm’s Data Breach Exposes 800,000+ to Privacy Nightmare

A massive data breach at Lost & Found, a German tracking software company, has compromised the personal information of over 800,000 individuals, sparking alarm in the tech and aviation sectors. Discovered on March 4, 2025, by security researcher Jeremiah Fowler, the breach exposed 10 open databases containing 820,750 records—totaling 122GB—left unsecured online. The leaked data included shipping labels, lost item reports, and screenshots of personal belongings like electronics, wallets, and medical devices, primarily tied to aviation services.

The breach’s severity deepened with the revelation of highly sensitive documents, such as passport scans and driver’s licenses, potentially uploaded by airport staff or claimants. This exposure raises serious risks of identity theft and fraud, putting pressure on Lost & Found to explain the lapse. The incident has fueled broader concerns about data security in tracking software, especially for industries handling sensitive customer information.

Tech experts and privacy advocates are calling for stricter regulations, while affected individuals face uncertainty over the misuse of their data. Lost & Found has yet to detail its response, but the breach’s scale and implications have made it a cautionary tale in the digital age, highlighting vulnerabilities in tech infrastructure.