Support Centre

You have out of 5 free articles left for the month

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

Turkey: KVKK announces Keyubu data breach

The Personal Data Protection Authority ('KVKK') announced, on 28 April 2022, that a data breach that occurred within Keyubu İnternet ve Bilişim Hizmetleri. In particular, the KVKK highlighted that, in accordance with Article 12(5) of the Law on Protection of Personal Data No. 6698, Keyubu, as the data controller, had notified the KVKK that a cyber attack had occurred on 18 April 2022, which had been detected on the same day. In addition, the KVKK noted that the cyber attack occurred as a result of a vulnerability in the server management software installed on the servers used by Keyubu and, as a result, the data on all servers were destroyed.

Moreover, the KVKK outlined that the individuals affected by the violation were the customers of Keyubu and that the personal data categories affected by the breach included ID and contact details, as well as customer transaction and transaction security information. In addition, the KVKK emphasised that the data hosted by the users who purchase web hosting and virtual servers over Keyubu are destroyed, but Keyubu could not determine how many people and what kind of data is in the content.

You can read the press release, only available in Turkish, here.

Feedback