26 Nov, 2022

KVKK Published 2 New Data Breach

Shanghai Moonton Technology Co Ltd Data Breach Notice

Pursuant to the commanding provision 12/5 titled Obligations Regarding Data Security of the Personal Data Protection Law No. 6698 (“Law”), following the situation that the personal data processed by the data controller is seized by third parties unlawfully, as soon as possible by appropriate means and It has an obligation to notify the Board of Directors (“Board”).

In summary, in the data breach notification notified to the Personal Data Protection Authority ("Institution") by Shangai Moonton Technology Co Ltd, which is the data controller, and shared on the Authority's website on November 24, 2022;

  • A data breach occurred due to the sharing of data belonging to users who are members of the discussion forum site related to the game called Mobile Legends operated by the data controller, on a website,
  • The data breach started on 12.09.2022, ended on 15.09.2022 and was detected on 03.11.2022,
  • 3.375 users and forum site members were affected by the data breach,
  • Identity, communication (email), transaction security and other (user ID, username, domain visits, gender, domain used, points, reputation, assets, contribution points, registration date, last visit time, IP used during registration) from data breach , last visit IP and last activity time) data are affected,
  • It is stated that the relevant persons can get information about the data breach from the [email protected] e-mail address.

You can reach the Data Breach Notification Decision via this link:

https://www.kvkk.gov.tr/Icerik/7505/Kamuoyu-Duyurusu-Veri-Ihlali-Bildirimi-Shangai-Moonton-Technology-Co-Ltd 

Pamukkale Municipality Data Breach Notice

In summary, in the data breach notification notified to the Personal Data Protection Authority (“Institution”) by Pamukkale Municipality, which has the title of data controller, and shared on the Authority’s website on 24 November 2022;

  • A SQL attack was attempted on the website of the data controller on 18.11.2022,
  • Within the scope of the threat intelligence activities carried out within the USOM, it has been determined that some information that is considered to belong to the data controller is published by the attackers on various forum sites on the internet, and the violation is informed by the warning and information message from the SOME,
  • It is suspected that the TR ID number, address, contact, name, surname data in the scholarship and tradesman aid tables in the website database may leak after the violation,
  • The number of people affected by the violation is 11,000;
  • The groups of persons affected by the breach are students and other (artisan) categories.

 information is included.

Being informed of the said data breach by the warning from SOME has once again shown how important and critical the corporate SOME is.

You can reach the Data Breach Notification Decision via this link:

https://www.kvkk.gov.tr/Icerik/7504/Kamuoyu-Duyurusu-Veri-Ihlali-Bildirimi-Pamukkale-Belediyesi 


To request a quotation for the following: Cyber Security, Digital Transformation, MSSP, Penetration Testing, KVKK, GDPR, ISO 27001 and ISO 27701, please click here.


 

About Content:
Share on Social Media:
Facebook
Twitter
LinkedIn
Telegram