Turkish citizen data of 108M exposed, government asks for help from Google
Learn More
A massive data breach has compromised the personal information of 108 million Turkish citizens, including deceased individuals, according to a report by the Free Web Turkey platform.
The breach involved the theft of extensive data from official government databases, including:
- Names
- National ID numbers
- Name and surname
- Turkish Citizenship (TC) identification number
- Date of birth
- Place of birth
- Province, district, and village details
- Civil status
- Date of death (for deceased individuals)
- Home addresses (82 million records)
- Mobile phone numbers (134 million records)
The source of the breached data is not disclosed, although it's very probable that it's a government system.
The National Cyber Incident Response Center (USOM), which operates under Turkey's Information and Communication Technologies Authority (BTK), discovered the breach. The stolen data was uploaded by the hackers to five Google Drive files in MySQL database formats (MYD and MYI), which are capable of handling large datasets.
Update - as of 11th of September, transport and Infrastructure Minister Abdulkadir Uraloğlu confirmed that the personal data of 108 million Turkish citizens, including names, ID numbers, addresses, and other sensitive information, were stolen from the health system during the pandemic period, and that efforts to prevent this breach were unsuccessful at the time. He clarified that there is no indication that more recent data has been compromised.
BTK formally requested Google's assistance to remove the files and provide detailed information on the hackers, such as their account details, IP addresses, and port numbers. The request was marked "Urgent."
