turkish citizenship database leak

8/18/2019 Turkish Citizenship Database Leak

1/2

Turkish Citizenship Database Leak (Corrected andUpdated) Posted by Dissent at 2:44 pm Breach Incidents, Exposure, Government Sector , Hac , !on"#$S$ %dd comments

Apr 032016

Who ou!d ha"e i#a$ined that backards ideo!o$ies% cron&is# and risin$ re!i$ious

e'tre#is# in Turke& ou!d !ead to a cru#b!in$ and "u!nerab!e technica! inrastructure

*een on!ine ater a subse+uent!&,de!eted teet ca!!ed attention to it-

This paste ith a !ink to a 6.6 / i!e% purported!& containin$ c!ear,te't inor#ation

on 49,611,709 Turkish citizens% inc!udin$ the o!!oin$ detai!s-

• ationa! dentiier (TC i#!ik o)

• 4irst a#e

• Last a#e

• 5others 4irst a#e

• 4athers 4irst a#e

• /ender

• Cit& o irth

• Date o irth

• D 7e$istration Cit& and District

• 4u!! Address

An 8 !ookup p!aces the 8 in ce!and% ith the oner as 4!okinet 9h% ebsite-

tistednetorks.net.

:U8DAT9- a co##enter points that the source used as ron$-

4irst- the 8 is !ocated in 7o#ania

*econd- that tistednetorks.net has nothin$ to do ith the hostin$ co#pan& 4!okinet 9h. ts

"er& ob"ious in the 8 hois or e"en i &ou do a si#p!e $oo$!e search% that the host ebsite

is https-;;.!okinet.is

8!ease check &our acts careu!!&.

Weird… I’ll have to go back to figure out which lookup site I used that was so wrong, but thanks!

The hackers !et a terse #essa$e-

Lesson to learn for Turkey:

• it shitin$ isnt encr&ption.

• nde' &our database. We had to i' &our s!opp& D ork.

http://www.databreaches.net/turkish-citizenship-database-leak/http://www.databreaches.net/turkish-citizenship-database-leak/http://www.databreaches.net/author/dissent/http://www.databreaches.net/author/dissent/http://www.databreaches.net/author/dissent/http://www.databreaches.net/category/breach-reports/http://www.databreaches.net/category/breach-reports/http://www.databreaches.net/category/breach-reports/http://www.databreaches.net/category/breach-types/exposure/http://www.databreaches.net/category/breach-types/exposure/http://www.databreaches.net/category/breach-types/exposure/http://www.databreaches.net/category/breach-reports/government-sector/http://www.databreaches.net/category/breach-types/hack/http://www.databreaches.net/category/breach-types/hack/http://www.databreaches.net/category/breach-reports/non-us/http://www.databreaches.net/category/breach-reports/non-us/http://www.databreaches.net/category/breach-reports/non-us/http://www.databreaches.net/turkish-citizenship-database-leak/#respondhttp://185.100.87.84/http://185.100.87.84/http://185.100.87.84/https://www.flokinet.is/https://www.flokinet.is/http://www.databreaches.net/author/dissent/http://www.databreaches.net/category/breach-reports/http://www.databreaches.net/category/breach-types/exposure/http://www.databreaches.net/category/breach-reports/government-sector/http://www.databreaches.net/category/breach-types/hack/http://www.databreaches.net/category/breach-reports/non-us/http://www.databreaches.net/turkish-citizenship-database-leak/#respondhttp://185.100.87.84/https://www.flokinet.is/http://www.databreaches.net/turkish-citizenship-database-leak/http://www.databreaches.net/turkish-citizenship-database-leak/

8/18/2019 Turkish Citizenship Database Leak

2/2

• 8uttin$ a hardcoded passord on the U hard!& does an&thin$ or securit&.

• Do so#ethin$ about 9rdo$an< =e is destro&in$ &our countr& be&ond reco$nition.

Lessons for the US? We rea!!& shou!dnt e!ect Tru#p% that $u& sounds !ike he knos e"en

!ess about runnin$ a countr& than 9rdo$an does.

The paste a!so contained the persona! inor#ation on 9rdo$an and Da"uto$!u% hich

Datareaches.net is not reproducin$ here.

Datareaches.net did not don!oad the #assi"e database% and its not &et c!ear i these are o!d

data ro# 200> ro# a pre"ious breach%a possibi!it& raised b& co"era$e o another !eak noted on

Dai!& Dot in 4ebruar&. an&one can conir# hether these are o!d data or ne data% p!ease !et

#e kno.

Update- Turkish #inister ca!!s #assi"e data !eak report an ?o!d stor&-

Turke&s co##unications #inister has denied reports o a #assi"e data !eak containin$ the

persona! inor#ation o near!& @0 #i!!ion Turkish citizens% sa&in$ the !eak as an o!d stor&B ro#

2010% as a!!e$ations tri$$ered concerns o"er persona! data protection.

This is a "er& o!d stor&. A si#i!ar a!!e$ation as #ade in 2010%B Turkish Transportation%

Co##unication and 5ariti#e Aairs 5inister ina!i !dr# to!d reporters durin$ a #eetin$ ith

board #e#bers o the Turkish Wor!d Union o 9n$ineers and Architects (TD55) on Apri! @.

Denied reports *i#i!ar a!!e$ationB s he sa&in$ that the data are ake or Eust that its an o!d !eak

and not ne data The reporters cou!d ha"e done a better Eob on +uestionin$ and o!!o,up here%

but it see#s that #& suspicion that this as an o!d !eak as correct.
http://www.dailydot.com/politics/turkey-data-dump-cthulu-police/http://www.dailydot.com/politics/turkey-data-dump-cthulu-police/http://www.hurriyetdailynews.com/turkish-minister-calls-massive-data-leak-report-an-old-story.aspx?pageID=238&nid=97321&NewsCatID=341http://www.hurriyetdailynews.com/turkish-minister-calls-massive-data-leak-report-an-old-story.aspx?pageID=238&nid=97321&NewsCatID=341http://www.hurriyetdailynews.com/turkish-minister-calls-massive-data-leak-report-an-old-story.aspx?pageID=238&nid=97321&NewsCatID=341http://www.dailydot.com/politics/turkey-data-dump-cthulu-police/http://www.dailydot.com/politics/turkey-data-dump-cthulu-police/http://www.hurriyetdailynews.com/turkish-minister-calls-massive-data-leak-report-an-old-story.aspx?pageID=238&nid=97321&NewsCatID=341

turkish citizenship database leak

Documents