Defacto Retail Tic. is the data controller. Inc. In summary, in the data breach notification submitted to the Personal Data Protection Board by:
- The violation was detected on 14.09.2023, with the information that customers saw personal information that did not belong to them on their profile pages,
- The data controller receives services from the data processor to provide CDN consumption traffic to deliver customer content to the end user,
- The data breach occurred after the software version, which included a series of improvements made to improve the services offered by the data processor, was put into operation,
- The categories of personal data affected by the breach are identity, contact and customer transaction data,
- While some of the 1337 customers in total who visited the Account Information screen on the My Account page only viewed their own account information screen, some customers could see the information of other customers on the interface of the account information screen, and the number of people affected by the breach is estimated to be 2686,
- Relevant persons can obtain information regarding the data breach from the call center at 0850 333 22 86, from DeFacto Customer Services' e-mail address [email protected] and from [email protected] e-mail address.
information is included.
Although the investigation on the issue continues, with the Decision of the Personal Data Protection Board dated 21.09.2023 and numbered 2023/1636, it was decided to announce the data breach notification on the Authority's website.
Source of New: KVKK Public Announcement (Notification of Data Breach)
To request a quotation for the following: Cyber Security, Digital Transformation, MSSP, Penetration Testing, KVKK, GDPR, ISO 27001 and ISO 27701, please click here.