Turkey is one of the countries using e-goverment. Here is the red alert to people trust such systems and do not pay much attention to their personal data.
Last year, journalist ibrahim Haskoloğlu claimed that a hacker group infiltrated Turkey’s e-government website and other government-related sites and had access to the identity and other personal information of Turkish citizens, including those of President Erdoğan and then-National Intelligence Organization (MİT) undersecretary and current foreign minister Hakan Fidan. Most probably what we witness now is the consequences of that (and not having proper security controls in place).
Personal information of millions of people living in Turkey have been leaked on a website called "s****p**eli".
The categories of data categories leak include: first names, surnames, names of relatives, addresses, phone numbers, bank account details, house and land deeds. Among leaked data politicians such as President Recep Tayyip Erdoğan and main opposition Republican People’s Party (CHP) leader Kemal Kılıçdaroğlu can be found.
Some of the data can be accessed by anyone via free membership, while the remaining information is available to subscribers with paid membership. Individuals who become free members of the website can access the family and mobile phone information of any Turkish citizen they want, while “VIP” members have the additional capability of obtaining the e-school records, official identification documents, property details, addresses and Turkish ID information of the targeted individuals.
Although the website currently displays a “we will be back” message on its homepage, likely due to being overwhelmed by traffic requests, the same database query service is working normally on Telegram and Discord, where people report being able to access anyone’s data. At the time of writing, the registered members on the platform’s Telegram channel have surpassed five thousand.
In response to the situation, Turkey’s Media and Legal Studies Association (MLSA) has announced plans to submit a lawsuit against the Ministry of Internal Affairs, which is responsible for safeguarding people’s data, and obviously failed at that. MLSA’s director stated that compensation would be pursued, and urged affected individuals the file criminal complaints to the authorities.
Regarding the perpetrators, their identity, origin, and time of attack remain unknown, but it has been determined that the website has been online since June 3, 2023, and is registered in Northern Cyprus. It is possible that the leaked data was stolen during an attack that unfolded in April 2022, when hackers claimed to have breached Turkey’s e-government infrastructure. However, a statement by the President’s Digital Transformation Office at the time disputed these claims saying that its IT experts had found no signs of a data leak.
Yorumlar