A recent cybersecurity analysis conducted by SafetyDetectives has exposed a concerning data breach that has compromised the personal information of over 2 million Turkish citizens. The leaked data specifically pertains to individuals’ vaccination records from 2015 to 2023, raising serious concerns about data privacy and security in the country.
Interestingly, this breach occurred on the same online forum where another threat actor leaked a scraped LinkedIn database with 35 million user data just a few weeks ago. Furthermore, this forum has witnessed multiple data leaks, including those from chess.com. This pattern suggests a disturbing trend of increasing cyber threats and vulnerabilities in various online platforms.
According to the researchers at SafetyDetectives, who shared their report with Hackread.com, the leaked data was first discovered on the forum on September 10, 2023. However, further analysis indicates that the breach likely occurred on April 4, 2023. It is believed that the threat actor exploited an information disclosure vulnerability to gain unauthorized access to the vaccination records of Turkish citizens.
The leaked data includes crucial personal information such as birth dates, doctors’ full TCKNs (Turkish Identification Numbers), dates of vaccinations, vaccine types, hospitals where vaccinations were administered, and more. Shockingly, partial TCKNs of patients were exposed, while doctors’ TCKNs were displayed in full. This suggests that the data may have been scraped from an online platform utilized by Turkish healthcare providers or the Ministry of Health.
The scale of this breach is particularly alarming, considering that the leaked database contains TCKNs of around 70% of the doctors in Turkey. With such a vast amount of personally identifiable information (PII) at risk, the potential for identity theft and other malicious activities is unnerving.
This breach highlights the urgent need for stronger data privacy measures and cybersecurity practices in Turkey. It serves as a wake-up call for individuals, organizations, and government bodies to prioritize the protection of sensitive data and invest in robust security frameworks.
Q: What information was leaked in the data breach?
A: The leaked data includes birth dates, doctors’ full TCKNs (Turkish Identification Numbers), dates of vaccinations, vaccine types, hospitals where vaccinations were administered, and more.
Q: How many Turkish citizens were affected by the breach?
A: Over 2 million Turkish citizens were impacted by this data breach.
Q: How did the threat actor gain access to the vaccination records?
A: The breach is believed to have occurred through the exploitation of an information disclosure vulnerability.
Q: Can the leaked data be used for identity theft?
A: Yes, the leaked data poses a significant risk for identity theft and other malicious activities.