Sign up to our newsletter
Nearly 50 million Turkish citizens, more than half of the country’s population, may have had their personal details exposed in a massive new data breach revealed this week.
As reported by The Telegraph, a compressed file has been posted online by an unnamed group appearing to contain information including names, addresses, parents’ first names, cities of birth, birth dates, and national identifier numbers used by the Turkish government.
The authenticity of the leak was partially verified by the Associated Press, which ran 10 non-public Turkish ID numbers against names listed in the data dump, eight of which were an exact match.
The huge information leak could embarrass the Turkish government, and was accompanied by a message that taunted the country’s leaders.
“Who would have imagined that backwards ideologies, cronyism and rising religious extremism in Turkey would lead to a crumbling and vulnerable technical infrastructure?” said a statement on the site hosting the leaked data.
Turkey’s government, meanwhile, has shrugged off the breach, describing it as an “old story” that dates back as far as 2010.
A report by Wired indicates that the leaked data could even date back as far as 2008, although it hasn’t been posted online in a decrypted form until now.
Moreover, Turkish privacy activist Isik Mater told the website that the age of the database does not lessen the severity of the leak.
Ms. Mater explained to Wired: “It doesn’t matter if the data is from 2008 because I still have the same name, same last name, same home address and obviously the same national ID number, so it means that the leak data is up-to-date for me and for lots of other people – which makes the leak very, very serious.”
This is not the only time in recent months that Turkey has been a victim of cybercrime. In February, the hacktivist group Anonymous took credit for the leak of nearly 18GB worth of sensitive data from the country’s national police database.
Author Narinder Purba, We Live Security