turkish citizenship database leak
TRANSCRIPT
-
8/18/2019 Turkish Citizenship Database Leak
1/2
Turkish Citizenship Database Leak (Corrected andUpdated) Posted by Dissent at 2:44 pm Breach Incidents, Exposure, Government Sector , Hac , !on"#$S$ %dd comments
Apr 032016
Who ou!d ha"e i#a$ined that backards ideo!o$ies% cron&is# and risin$ re!i$ious
e'tre#is# in Turke& ou!d !ead to a cru#b!in$ and "u!nerab!e technica! inrastructure
*een on!ine ater a subse+uent!&,de!eted teet ca!!ed attention to it-
This paste ith a !ink to a 6.6 / i!e% purported!& containin$ c!ear,te't inor#ation
on 49,611,709 Turkish citizens% inc!udin$ the o!!oin$ detai!s-
• ationa! dentiier (TC i#!ik o)
• 4irst a#e
• Last a#e
• 5others 4irst a#e
• 4athers 4irst a#e
• /ender
• Cit& o irth
• Date o irth
• D 7e$istration Cit& and District
• 4u!! Address
An 8 !ookup p!aces the 8 in ce!and% ith the oner as 4!okinet 9h% ebsite-
tistednetorks.net.
:U8DAT9- a co##enter points that the source used as ron$-
4irst- the 8 is !ocated in 7o#ania
*econd- that tistednetorks.net has nothin$ to do ith the hostin$ co#pan& 4!okinet 9h. ts
"er& ob"ious in the 8 hois or e"en i &ou do a si#p!e $oo$!e search% that the host ebsite
is https-;;.!okinet.is
8!ease check &our acts careu!!&.
Weird… I’ll have to go back to figure out which lookup site I used that was so wrong, but thanks!
The hackers !et a terse #essa$e-
Lesson to learn for Turkey:
• it shitin$ isnt encr&ption.
• nde' &our database. We had to i' &our s!opp& D ork.
http://www.databreaches.net/turkish-citizenship-database-leak/http://www.databreaches.net/turkish-citizenship-database-leak/http://www.databreaches.net/author/dissent/http://www.databreaches.net/author/dissent/http://www.databreaches.net/author/dissent/http://www.databreaches.net/category/breach-reports/http://www.databreaches.net/category/breach-reports/http://www.databreaches.net/category/breach-reports/http://www.databreaches.net/category/breach-types/exposure/http://www.databreaches.net/category/breach-types/exposure/http://www.databreaches.net/category/breach-types/exposure/http://www.databreaches.net/category/breach-reports/government-sector/http://www.databreaches.net/category/breach-types/hack/http://www.databreaches.net/category/breach-types/hack/http://www.databreaches.net/category/breach-reports/non-us/http://www.databreaches.net/category/breach-reports/non-us/http://www.databreaches.net/category/breach-reports/non-us/http://www.databreaches.net/turkish-citizenship-database-leak/#respondhttp://185.100.87.84/http://185.100.87.84/http://185.100.87.84/https://www.flokinet.is/https://www.flokinet.is/http://www.databreaches.net/author/dissent/http://www.databreaches.net/category/breach-reports/http://www.databreaches.net/category/breach-types/exposure/http://www.databreaches.net/category/breach-reports/government-sector/http://www.databreaches.net/category/breach-types/hack/http://www.databreaches.net/category/breach-reports/non-us/http://www.databreaches.net/turkish-citizenship-database-leak/#respondhttp://185.100.87.84/https://www.flokinet.is/http://www.databreaches.net/turkish-citizenship-database-leak/http://www.databreaches.net/turkish-citizenship-database-leak/
-
8/18/2019 Turkish Citizenship Database Leak
2/2
• 8uttin$ a hardcoded passord on the U hard!& does an&thin$ or securit&.
• Do so#ethin$ about 9rdo$an< =e is destro&in$ &our countr& be&ond reco$nition.
Lessons for the US? We rea!!& shou!dnt e!ect Tru#p% that $u& sounds !ike he knos e"en
!ess about runnin$ a countr& than 9rdo$an does.
The paste a!so contained the persona! inor#ation on 9rdo$an and Da"uto$!u% hich
Datareaches.net is not reproducin$ here.
Datareaches.net did not don!oad the #assi"e database% and its not &et c!ear i these are o!d
data ro# 200> ro# a pre"ious breach%a possibi!it& raised b& co"era$e o another !eak noted on
Dai!& Dot in 4ebruar&. an&one can conir# hether these are o!d data or ne data% p!ease !et
#e kno.
Update- Turkish #inister ca!!s #assi"e data !eak report an ?o!d stor&-
Turke&s co##unications #inister has denied reports o a #assi"e data !eak containin$ the
persona! inor#ation o near!& @0 #i!!ion Turkish citizens% sa&in$ the !eak as an o!d stor&B ro#
2010% as a!!e$ations tri$$ered concerns o"er persona! data protection.
This is a "er& o!d stor&. A si#i!ar a!!e$ation as #ade in 2010%B Turkish Transportation%
Co##unication and 5ariti#e Aairs 5inister ina!i !dr# to!d reporters durin$ a #eetin$ ith
board #e#bers o the Turkish Wor!d Union o 9n$ineers and Architects (TD55) on Apri! @.
Denied reports *i#i!ar a!!e$ationB s he sa&in$ that the data are ake or Eust that its an o!d !eak
and not ne data The reporters cou!d ha"e done a better Eob on +uestionin$ and o!!o,up here%
but it see#s that #& suspicion that this as an o!d !eak as correct.
http://www.dailydot.com/politics/turkey-data-dump-cthulu-police/http://www.dailydot.com/politics/turkey-data-dump-cthulu-police/http://www.hurriyetdailynews.com/turkish-minister-calls-massive-data-leak-report-an-old-story.aspx?pageID=238&nid=97321&NewsCatID=341http://www.hurriyetdailynews.com/turkish-minister-calls-massive-data-leak-report-an-old-story.aspx?pageID=238&nid=97321&NewsCatID=341http://www.hurriyetdailynews.com/turkish-minister-calls-massive-data-leak-report-an-old-story.aspx?pageID=238&nid=97321&NewsCatID=341http://www.dailydot.com/politics/turkey-data-dump-cthulu-police/http://www.dailydot.com/politics/turkey-data-dump-cthulu-police/http://www.hurriyetdailynews.com/turkish-minister-calls-massive-data-leak-report-an-old-story.aspx?pageID=238&nid=97321&NewsCatID=341