Well, several things wrong with it.
1) That is enough information for someone already possessed of the necessary technology to clone a copy of your passport, which could be used to do all sorts of things that would eventually be traced to you.
2) That information would be of great assistance to someone wanting to uncover more information about you, either mechanically (which researchers showed in 2009 SSNs can be reliably derived from your birth date and birth place) or as leverage to acquire other information - you don't know what other information about you it can be matched to, probably plenty even just in a Google search, let alone other public/private databases.
3) The *key* issue is that the culture in which such data is kept and is accessible to rogue employees - who will always exist - is endemic and dangerous. I'm sure it was done in the name of barring English (and other) football hooligans from attending the events. In theory, all the ticket office needs to know is that you are not one of the people on the banned list when you buy your ticket, and for that retaining the data shouldn't be necessary. I was under the impression that such "fans" were barred from traveling - surely the more effective way to stop them is at the border or when they're buying plane tickets. In any event, this sort of data breach demonstrates the problems that we will have with other, larger, more sensitive data stores should governments/companies/etc. create them.
wg