NEW DATA BREACH ANNOUNCEMENTS FROM THE TURKISH DATA PROTECTION AUTHORITY!

13.11.2020

As known, the article 12(5) of the Law on Personal Data Protection no 6698 stipulates that in case the processed data are collected by other parties through unlawful methods, the controller shall notify the data subject and the Board within the shortest time. Where necessary, the Board may announce such breach at its official website or through other methods it deems appropriate.

In summary, in the letter sent by the Çizgi Telekomünikasyon A.Ş.,  as a data controller, to the Turkish Personal Data Protection Authority (“TDPA”), it is stated that ;

  • The employee who came to the company for the weekend shift on November 7, 2020, found a message on the server desktop when he was connected to the server remotely to perform routine checks, and as a result of the investigation, it was detected that some malware was found on the servers of the company where customer information was found.
  • Customer information such as identity number, name and surname, e-mail and home address, customer transaction details (such as credit card information), the services purchased by the customer and the date-time information regarding transactions related to these services may be affected by the breach.
  • The people affected by the breach are customers who receive service from the company.
  • The number of persons affected by the breach is not known yet.
  • Assessment studies for the effect of breach are continuing.

In summary, in the letter sent by the Kale Holding A.Ş. and Group Companies, as a data controller, to the Turkish Personal Data Protection Authority (“TDPA”), it is stated that ;

  • The personal data breach that occurred in the form of encryption of some databases on the server occurred on 04.11.2020.
  • The personal data affected by the breach are not known yet,
  • The number of persons affected by the breach is not known yet,
  • The relevant person groups affected by the breach are not known yet,
  • The possibility of the breach to have negative consequences for the persons concerned is not known yet,
  • Assessment studies for the effect of breach are continuing.

TDPA stated that the investigations on the subject continues.

You can reach the full text of the Announcement( In Turkish) of Çizgi Telekomünikasyon A.Ş.  here also you can reach the full text of the Announcement( In Turkish) of Kale Holding A.Ş. and Group Companies here.

Should you have any queries and/or remarks, please do not hesitate to contact us. 

Kind regards,

Zumbul Attorneys-at-Law

info@zumbul.av.tr