Cyber Security

TurkNet Massive Data Breach: 244,000 Users' Information Stolen

As a result of the SQL Injection attack on TurkNet İletişim Hizmetleri A.Ş. systems, the identity and contact information of 244,396 subscribers were leaked. While the KVKK published a public announcement regarding the violation, information channels for users were announced.

bastamabastama
Apr 29, 2025 - 00:52
Apr 29, 2025 - 01:02
 0  9
TurkNet Massive Data Breach: 244,000 Users' Information Stolen
Cloud Sunucu
Cloud Sunucu

TurkNet, one of Türkiye’s leading internet service providers, has come to the fore with a major data breach. According to the notification made to the Personal Data Protection Board (KVKK), 244,396 users’ information was leaked as a result of a SQL Injection attack on one of the company’s systems.
 
How did the data breach occur?
 
TurkNet's statement to the Board stated that the attack started on February 26, 2025, but was noticed as a result of a complaint filed with the Information Technologies and Communication Authority (BTK) on March 11, 2025.
 
Authorities reported that the attack was carried out through SQL Injection into one of the company's services and that the attackers accessed customer information in the database.
 
What data was leaked?
 
According to initial investigations, personal data affected by the attack was listed as follows:
 
    Name, surname
 
    Phone number
 
    Subscription number
 
    Turkish ID number
 
    TurkNet subscription circuit information
 
    Address
 
    Static IP information
 
TurkNet announced that detailed investigations are ongoing to clarify the extent of the incident.
 
Official statement from KVKK
 
The Personal Data Protection Board (KVKK), with its decision numbered 2025/578 dated 20 March 2025, decided to publish the announcement regarding the data breach on the institution's website.
 
TurkNet announced that users who want to get information about the violation can call the fast action lines at 0850 288 80 80 and 0850 344 28 18 or submit a written application to its head office in Istanbul.
What is SQL Injection?
 
SQL Injection is a vulnerability that allows cyber attackers to gain unauthorized access to a website’s database. These attacks are typically carried out by injecting malicious SQL commands into data entry points such as user login forms or search bars. With SQL Injection, attackers can steal, modify, or delete data on the system. It is critical for web developers to take security measures to close such vulnerabilities.
 
 
Source: Beykozun Sesi
 
 
Source: Pursaklar News

Tags:

What's Your Reaction?

Like Like 0
Dislike Dislike 0
Love Love 0
Funny Funny 0
Angry Angry 0
Sad Sad 0
Wow Wow 0
bastama
bastama
Sınırsız Hosting
Sınırsız Hosting

Related Posts

Tenable Report: 'ProxyLogon Vulnerability Still Exposes 91% of Affected Exchange Servers to Attacks'

Tenable Report: 'ProxyLogon Vulnerability Still Exposes...

bastama Feb 27, 2025  0  5

Crypto Crimes Hit Record High in 2024 Amid Market Growth

Crypto Crimes Hit Record High in 2024 Amid Market Growth

bastama Feb 27, 2025  0  3

Health Net Federal Services and Centene to Pay $11.2 Million Over Cybersecurity Violations

Health Net Federal Services and Centene to Pay $11.2 Mi...

bastama Feb 27, 2025  0  2

Cyber ​​threats are growing gradually: corporate and personal data are at risk

Cyber ​​threats are growing gradually: corporate and pe...

bastama Mar 10, 2025  0  5

Critical Vulnerability Found in AnyDesk: Attackers Can Gain Admin Privileges

Critical Vulnerability Found in AnyDesk: Attackers Can ...

bastama Feb 27, 2025  0  7

Wiz Cybersecurity Firm: 'Authentication Flaw Found in DeepSeek Databases'

Wiz Cybersecurity Firm: 'Authentication Flaw Found in D...

bastama Feb 27, 2025  0  9