23 Jul, 2019

Tell me your TCKN, I'll tell you your credit information!

Another bank and another privacy violation...

Unauthorized access and questioning of financial information, which was previously on the agenda with ING Bank, this time with the Turkish Economy Bank (TEB). As announced on the Board's website, 3 employees at different locations of TEB questioned the credit information of an estimated 17,582 bank customers and 7,706 non-bank customers in violation of the Bank's Access and Information Security Policies. This process continued for 2 years without appearing. Although there is no evidence that this information was transferred through bank systems, it is thought to have occurred by correspondence over personal phones.

Highlights in this case:

  • Inadequate access authorization in the query screens.
  • The lack of laws, policies and usage instructions applied in banks
  • Organizations are more vulnerable to internal threats.

To request a quotation for the following: Cyber Security, Digital Transformation, MSSP, Penetration Testing, KVKK, GDPR, ISO 27001 and ISO 27701, please click here.

About Content:
Share on Social Media:
Facebook
Twitter
LinkedIn
Telegram