Data Breach Notification - Akbank T.A.Ş.
In summary, in the data breach notification conveyed to the Board by Akbank T.A.Ş, which has the title of data controller;
- Your violation; During the writing of the code of a project created for the account opening transactions of the data controller legal entity customers, the e-mail address variable should be written dynamically, but as a result of static writing,
- Electronic passbooks belonging to some customers whose accounts were opened between 27.08.2022 and 18.10.2022 were sent to 20 legal entity customers (in different numbers for each), who are also Bank customers by mistake, instead of these customers,
- 5,847 bank customers were affected by the breach,
- Personal data affected by the breach; within the categories of identity, customer transaction and finance; Name and surname, TR identity number, customer number, tax office, individual banking service contract number and date, account number, branch name, foreign currency code, IBAN, product name, interest rate, opening and due date and account opening amount information,
- It is stated that the relevant persons affected by the violation can obtain information from the akbank.com website and the phone number 4442525.
Although the investigation on the subject continues, with the Decision of the Personal Data Protection Board dated 22.03.2023 and numbered 2023/463, it was decided to announce the data breach notification on the website of the Authority.
You can reach the Data Breach Notification Decision via this link:
