Pursuant to the commanding provision 12/5 titled Obligations Regarding Data Security of the Personal Data Protection Law No. 6698 (“Law”), following the situation that the personal data processed by the data controller is seized by third parties unlawfully, as soon as possible by appropriate means and It has an obligation to notify the Board of Directors (“Board”).
In summary, in the data breach notification, which was notified to the Personal Data Protection Authority (“Institution”) by Sitil Cizgi İnşaat Turizm ve Tekstil Anonim Şirketi, which has the title of data controller, and shared on the Authority’s website on 08 December 2022;
- As a result of the data controller being exposed to a ransomware attack on 05.12.2022, the servers cannot be accessed and some personal data is suspected to be leaked,
- Employees and customers are affected by the violation,
- The number of relevant persons affected by the violation has not yet been determined,
- Personal data categories affected by the breach are identity, contact, personnel, customer transaction information.
- The relevant persons can obtain information about the data breach from www.uki.com.tr. statements are included.
statements are included.
You can reach the Data Breach Notification Decision via this link:
