Türkiye files charges against hacker ring over theft of 101M personal records
A computer screen showing lines of code, accessed on December 16, 2024. (AFP Photo)
Turkish prosecutors have indicted 16 suspects accused of operating a vast hacker network that allegedly stole the personal data of 101 million people through coordinated cyberattacks on multiple government ministries and institutions, Turkish media outlet Hurriyet writes.
The indictment, accepted by Ankara’s 28th High Criminal Court, outlines what officials described as one of the most extensive cybercrime operations in the country’s history.
Cyber ring operated multiple illegal platforms
The suspects are accused of forming a criminal organization that created and operated several illicit query systems—most notably “IllegalCity,” “NexCity,” “Privex,” “FearCheck,” “XLog,” and “Tavsancik”—used to store and sell illegally obtained personal data.
According to the indictment, the network stored data on foreign-based servers, primarily in Germany, and monetized the information through subscription-based platforms used for unauthorized background checks.
The illegal platforms contained personal records from key Turkish government databases, including those of the Health Ministry, Education Ministry, and Social Security Institution, among others.
One of the systems, “IllegalCity,” reportedly included data on 101 million individuals and was described as a “central hub for cyberattacks targeting Türkiye’s digital infrastructure.”
Prosecutors detail high-level data breaches
Authorities said the hackers obtained sensitive information through cyberattacks on at least 17 institutions, including the Health Ministry, Environment and Urbanization Ministry, Education Ministry, Revenue Administration, and Directorate General of Population and Citizenship Affairs.
The National Intelligence Organization (MIT) was listed as a complainant in the case.
The platforms were found to contain detailed identity information, medical records, school data, and employment histories.
Some records allegedly included COVID-19 vaccination data from the Health Ministry’s vaccination tracking system and student records from the Education Ministry’s e-school and e-exam systems.
National security data also compromised
The indictment reportedly noted that data related to the Ministry of National Defense and MIT was also compromised, including records containing personnel identities and sensitive operational information.
Prosecutors alleged that MIT housing addresses and resident names were also shared online. Some platforms included forged identity documents carrying the insignias of Türkiye’s intelligence and law enforcement services.
The hacker known by the alias “Hackerdede,” identified as one of the group’s leaders, reportedly confessed to receiving classified data related to MIT systems from another suspect known as “kanakan/temizadam1.”
Indictment highlights extent of personal data exposure
Prosecutors said the illegal platforms contained information such as clean identity numbers, expiration dates, and address records. One platform allegedly included a file labeled “45 million clean serial numbers,” further highlighting the breadth of the data breach.
The group also reportedly targeted infrastructure and private sector systems, including data from Yavuz Sultan Selim Bridge, Türkiye’s Employment Agency, and several universities.
All 16 suspects, aged between 21 and 33, are currently in pre-trial detention. They face charges including “establishing and leading a criminal organization,” “illegally obtaining personal data,” “violating state security through information theft,” and “breaching the National Intelligence Law.”
