Customer data stolen in cyberattack against Turkish internet provider

ISTANBUL

TürkNet, a prominent Turkish internet service provider, has fallen victim to a significant cyberattack, with hackers gaining access to the personal information of around 1.5 million customers, local media reported on March 13.

TürkNet acknowledged the security breach in an official statement, stating that the leaked data includes full names, national ID numbers, phone numbers, addresses, subscription details and static IP addresses.

But, the service provider did not disclose the exact number of customers affected by the attack. The media reported the figure as nearly 1.5 million.

Private media outlet Habertürk echoed claims that the attacker demanded a ransom of 3 Bitcoins (more than $246,000) in exchange for the stolen data.

"Despite the measures we have taken within the scope of the personal data protection law, a cyberattack has targeted our institution's database. We enhanced security and raised the degree of essential administrative and technological safeguards in the meantime,” the statement read, confirming that a cyberattack took place on March 11 against the company.

TürkNet also confirmed that it is working closely with relevant regulatory bodies to address the breach and identify those responsible, stating that an investigation is underway to untie the incident.

The attack has raised concerns about cybersecurity, showing that data breaches are becoming a serious threat in Türkiye and around the world, affecting both individuals and businesses.

Over 1 billion malicious access attempts to 1.5 million IP addresses in the country were blocked in January alone by official cybersecurity authorities, according to a statement by Transport and Infrastructure Minister Abdulkadir Uraloğlu.

On March 13, the Turkish parliament ratified a cybersecurity law, introducing prison sentences of up to 12 years for individuals targeting the governmental institutions’ digital infrastructure with cyberattacks.