The Helsinki Times reports that a publicly available computer at a Prague hotel contained the passport numbers and itineraries of about 200 leaders from EU member states who gathered there April 5 for an EU-US summit. The breach has been attributed to human error.

The breach was discovered by a Finnish tourist who used the computer after the summit.

The AFP reports that “The Finnish news agency STT said on Friday the data discovered in a Prague hotel computer by a Finnish tourist concerned the politicians’ passport numbers, flight details and medical information.” The medical information included blood group, allergies, and diet.

But does this constitute a data breach under Czech law? According to a spokesperson, “It needs to be emphasised that the file did not contain any confidential information according to the Czech law. It has contained solely data for our working needs.”

That statement was subsequently called into question. CTK reports that as of today, the Czech Office for the Protection of Personal Data has decided to investigate the incident. The results of the investigation will be made publicly available.