Continue reading on DataGuidance with:
Free Member
Limited ArticlesCreate an account to continue accessing select articles, resources, and guidance notes.
Already have an account? Log in
Turkey: KVKK announces Keyubu data breach
The Personal Data Protection Authority ('KVKK') announced, on 28 April 2022, that a data breach that occurred within Keyubu İnternet ve Bilişim Hizmetleri. In particular, the KVKK highlighted that, in accordance with Article 12(5) of the Law on Protection of Personal Data No. 6698, Keyubu, as the data controller, had notified the KVKK that a cyber attack had occurred on 18 April 2022, which had been detected on the same day. In addition, the KVKK noted that the cyber attack occurred as a result of a vulnerability in the server management software installed on the servers used by Keyubu and, as a result, the data on all servers were destroyed.
Moreover, the KVKK outlined that the individuals affected by the violation were the customers of Keyubu and that the personal data categories affected by the breach included ID and contact details, as well as customer transaction and transaction security information. In addition, the KVKK emphasised that the data hosted by the users who purchase web hosting and virtual servers over Keyubu are destroyed, but Keyubu could not determine how many people and what kind of data is in the content.
You can read the press release, only available in Turkish, here.