Yemeksepeti allegedly pays $208K ransom to hackers amid efforts to prevent data leak

Türkiye’s leading food delivery platform, Yemeksepeti, allegedly transferred €200,000 ($208,000) worth of cryptocurrency to hackers who accessed personal data belonging to millions of Turkish citizens.

The payment was reportedly made to prevent the release of the compromised information.

According to a report by the pro-government publication Daily Sabah, Yemeksepeti filed a criminal complaint with the Istanbul Chief Public Prosecutor’s Office, alleging it had been subjected to a data breach and extortion attempt. The company denied any actual data leakage, claiming that unknown individuals fabricated the breach to damage its reputation.

$208,000 paid under duress

In its submission to the prosecutor’s office, Yemeksepeti stated that thorough internal investigations found no evidence of a data breach or security compromise. The company dismissed the accusations as baseless and aimed at harming its credibility, asserting that its systems remained secure and free of vulnerabilities.

The complaint also revealed that the hackers demanded payment after allegedly obtaining sensitive user information. Yemeksepeti reportedly transferred €200,000 in cryptocurrency to the attackers, who had threatened to release the data. The company requested the identification of the suspects and the initiation of legal proceedings for charges of “Defamation” and “Extortion.”

Yemeksepeti was reportedly targeted in a cyberattack on Mar. 25, 2021, during which hackers allegedly stole significant user data. At the time, the company assured the public that no credit card information had been compromised.