Communications Directorate denies data breach allegations involving 85M Turkish citizens
A man types on a computer keyboard in front of the displayed cyber code in this illustration picture taken on March 1, 2017. (Reuters/ Kacper Pempel)
The Turkish government has vehemently denied recent reports claiming a massive data breach affecting 85 million citizens. The Directorate of Communications issued a statement dismissing the allegations as “completely unfounded.”
The statement clarified that there is no evidence of leaked data or any request for assistance from Google, as alleged in the previous reports. The government emphasized that the security of citizens’ personal information remains a top priority.
The answer given by the Minister of Transportation and Infrastructure Abdulkadir Uraloğlu to a question on the subject is taken out of context and presented as “the identity information of 85 million people was stolen. Upon the findings that some citizens’ address information based on the declaration registered in the system was obtained by stealing their passwords, the Ankara Chief Public Prosecutor’s Office has taken the necessary legal actions.
Do not rely on unfounded allegations.
The Republic of Türkiye Directorate of Communications
What happened earlier?
Reports claimed that Türkiye’s Minister of Transport and Infrastructure Abdulkadir Uraloglu stated that the personal data of 85 million Turkish citizens had been compromised in a cyberattack targeting the health care system during the COVID-19 pandemic.
Uraloglu also reportedly said that the breach was not preventable at the time.
Uraloglu allegedly said, “During the pandemic, there was a leak from the health care system. Unfortunately, this could not be prevented.”
108 million personal records were allegedly stolen
Earlier reports claimed that 108 million records, including citizens’ Turkish ID numbers, addresses and mobile phone numbers, had been stolen. The alleged stolen data was organized into five separate Google Drive files titled “Yenilenmis TC,” “Adres,” “GSM,” “101m,” and a second file also named “GSM.”
In response, the reports alleged that Türkiye’s Information and Communication Technologies Authority (BTK) notified Google and requested the immediate removal of the files. The files were allegedly flagged as critical and removed as part of an emergency response.
Opposition criticizes government handling of data security
The opposition party CHP also voiced its concerns over the alleged data breach. Zelihe Aksaz Sahbaz, CHP’s shadow health minister, referred to a 2016 incident where allegedly citizens’ health and personal data were sold for ₺65,000 ($1,916.63).
In 2016, the information that the health and personal data of citizens were sold by the SSI to a number of companies for a total of 65 thousand TL was reflected in the Court of Accounts reports, and the lawsuit filed after our Chairman Mr. Ozgür Ozel shared this information was accepted by the Ankara 11th Civil Court of First Instance and the Court of Cassation approved this decision. These are the actions of a government that perceives everything as money and has no respect for its citizens. This time, they are not taking the necessary precautions and are giving away private personal data, which they previously sold for money, to unknown companies under the pretext that it was leaked.
Zelihe Aksaz Sahbaz
She added, “Today, it is admitted from the authorized mouths that the most intimate information of 85 million people was leaked from the Ministry of Health during the pandemic period.”
Global cyber espionage network dismantled by Turkish intelligence
Recently the Turkish intelligence MIT, in collaboration with gendarmerie and the National Cyber Incidents Response Center (USOM), successfully eliminated an international cyber espionage network that stole personal data from thousands worldwide and sold it to terrorist organizations.
