MAGNA VENTURES SOFTWARE AND TECHNOLOGY VENTURES TİCARET ANONİM ŞİRKETİ
- Poda Mobile Application, which is one of the data controller products and offers a personal workspace in different locations with internet access, is accessed by unauthorized persons,
- that the database password has been compromised by persons gaining unauthorized access to the system, span>
- To the name, surname, e-mail address and phone numbers of the users who are members of the application accessed,
- App with 7823 member records,
- Information that the affected person group is a member is included.
To access the full data breach notification; KİŞİSEL VERİLERİ KORUMA KURUMU | KVKK | Kamuoyu Duyurusu (Veri İhlali Bildirimi) – Magna Ventures Yazılım ve Teknoloji Girişimleri Ticaret Anonim Şirketi
Conclusion:
The KVKK Technical Measures Guide shows how important mobile application security is in terms of KVKK. If personal data is to be obtained from different websites and/or mobile application channels by data controllers, it is important to ensure personal data security that the connections are made via SSL or a more secure way. Mobile applications should not be deployed without a penetration test.
PACKETMAN E-COMMERCE INDUSTRY AND TRADE INC.
- Cyber attackers carry out a cyber attack on the database system of the data controller, deleting the data in the database, capturing the data in question by the attackers, and then demanding a ransom. a data breach has occurred,
- Personal data affected by the breach is identity (name, surname), contact (e-mail, phone) and location (address) data,
- The number of contacts affected by the breach 1,362,
- It is stated that the relevant person group affected by the violation is users.
To access the full data breach notification; KİŞİSEL VERİLERİ KORUMA KURUMU | KVKK | Kamuoyu Duyurusu (Veri İhlali Bildirimi) – Paketman E-Ticaret Sanayi Ticaret AŞ
Conclusion: The parameters presented for the database should be configured with methods accepted as safe by national and international authorities. In addition, the safe use recommendations published by the database management system manufacturer should be followed. Strong password policies should be established and enforced for database users.
KEYUBU INTERNET AND IT SERVICES
- In OnatWeb Auto VM virtual server management software installed on servers used by the data controller A cyber attack was organized due to a vulnerability and the data on all servers was destroyed,
- İhlalden etkilenen ilgili kişi grubunun müşteriler olduğu,
- The categories of personal data affected by the breach are identity, contact, customer transaction and transaction security information,
- In addition, it is stated that the data hosted by the users who buy web hosting and virtual server over Keyubu are destroyed, but the data controller cannot determine how many people and what kind of data is in the content.
CONCLUSION: According to the network security and information security guide published by the Digital Transformation Office, which are among the technical measures of the KVKK, the virtualization software used in the virtualization server must be up-to-date and the existing security patches must be installed. In order to be protected from malicious software, it is also necessary to use products such as antivirus and antispam that regularly scan the information system network and detect dangers. However, only the installation of these products is not enough, it should be kept up to date and the necessary files should be scanned regularly.
To request a quotation for the following: Cyber Security, Digital Transformation, MSSP, Penetration Testing, KVKK, GDPR, ISO 27001 and ISO 27701, please click here.