The discovery of hotel registration cards in a skip, containing guests' signatures, credit card and contact details, has prompted an inquiry.
Hotel management said the documents had now been destroyed
Fraud experts said criminals could have used the cards, from the Grand Hotel, Brighton, in identity theft.
Owner, the De Vere Group, apologised and has destroyed the documents, which were found by a passer-by.
The Information Commissioner's Office (ICO) is to contact the hotel about the breach of customer privacy.
The hotel regularly hosts high-profile corporate conferences. Some of the cards had been completed by MPs.
Peter Manby, group operations director, said the company's policy was to dispose of confidential material in waste sacks, which are then destroyed by a secure waste company.
He said: "The hotel acknowledges that on this occasion this policy was not strictly adhered to.
"We apologise to all our customers affected. A full investigation is under way."
The five-star hotel said the documents had been sealed in envelopes and put in sealed boxes. They had now been destroyed.
It said guests' confidentiality was a priority at all times.
The ICO has said if information on the cards was also held electronically, the hotel was likely to have breached the Data Protection Act 1998.
Assistant Commissioner Phil Jones said: "Clearly, where personal information is not disposed of securely, there is a risk that it can fall into the hands of criminals."
Identity theft affects 120,000 people each year in the UK.