01 Jul, 2022

ARG Shipping Construction Automotive Industry and Trade Ltd. Sti, Iste Ship Construction Maintenance Construction Hardware Industry and Trade Ltd. Ltd. Şti, Safter Ulubay Data Breach

With the titles of data controller ARG Denizcilik İnşaat Otomotiv Sanayi ve Ticaret Ltd. Şti. Sti, Iste Ship Construction Maintenance Construction Hardware Industry and Trade Ltd. Ltd. Şti and Safter Ulubay separately, were shared on the website of the Personal Data Protection Authority ("Institution") on 29 June 2022. In summary, in the data breach notification shared from the institution's website;

  • The violation occurred by blocking access to files on the computer,
  •   The source of the violation is stated as sabotage,
  • The violation took place on 21.06.2022 and was detected on the same day,
  • İhlalden veri sorumlusu çalışanlarına ait kimlik, iletişim ve özlük bilgilerinin etkilendiği,
  • The estimated number of people affected by the breach for each data controller is 2000

information is included.

Conclusion:

As seen in the aforementioned data breach notification shared on the institution's website; It is of great importance against sabotage attacks to pay attention to the issues of access authorization control and matrix, which are among the necessary technical measures to ensure the security of personal data, to carefully identify the persons who are authorized to act on the files for which personal data is processed, and to prevent the access of unauthorized persons to the files. It is necessary that the personal data kept, which is one of the other technical measures, does not make any sense by the third parties who have obtained the data illegally by masking/encrypting, in order not to cause victimization on the basis of the persons whose data is processed. Apart from the technical measures listed, it is an important issue that should be taken into account in order to take other technical and administrative measures to be taken and to detect and repair potential breach vulnerabilities that may be repeated periodically, and to avoid unjust treatment by both the company and the persons whose data is processed.

You can reach the Data Breach Notification Decision via this link: https://www.kvkk.gov.tr/Icerik/7388/Kamuoyu-Duyurusu-Veri-Ihlali-Bildirimi-ARG-Denizcilik-Insaat-Otomotiv-Sanayi-ve-Ticaret-Ltd-Sti-Istek-Gemi-Insa-Bakim-Insaat-Hirdavat-Sanayi-ve-Ticaret-Ltd-Sti-Safter-Ulubay 


To request a quotation for the following: Cyber Security, Digital Transformation, MSSP, Penetration Testing, KVKK, GDPR, ISO 27001 and ISO 27701, please click here.


 

About Content:
Share on Social Media:
Facebook
Twitter
LinkedIn
Telegram