Support Centre

You have out of 5 free articles left for the month

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

Turkey: KVKK announces Allianz Sigorta data breach

On March 28, 2024, the Personal Data Protection Authority (KVKK) disclosed a data breach involving Allianz Sigorta AŞ. The KVKK highlighted that Allianz Sigorta promptly notified them of the breach, as required by Article 12(5) of the Law on Protection of Personal Data No. 6698.

According to the notification from Allianz Sigorta, the breach occurred between March 7, 2024, and March 18, 2024. Allianz Sigorta became aware of the breach on March 21, 2024, following notification by the National Cyber Incident Response Center (USOM) that certain information belonging to them was being traded online by cyberattackers. Subsequent investigations revealed that unauthorized access was gained by cyberattackers to the 'Service Desk' platform, where Allianz Sigorta agents submitted requests and complaints.

While the full extent of the personal data affected by the breach remains uncertain, potentially compromised information includes identity details, visual and auditory records, communication records, financial data (including credit card information), and sensitive personal data such as philosophical beliefs, religion, sect, health information, and association membership data. Additionally, the KVKK confirmed that the precise number of affected individuals and records could not be determined. Affected parties include employees, business partners, customers, and potential customers.

You can read the press release, only available in Turkish, here.