Sensitive personal data of Turkish citizens and residents of Turkey has been compromised, according to the Free Web Turkey, a platform dedicated to combating internet censorship in the country.
On Friday, the platform exposed the existence of a website called Sorgu Paneli, which allows unrestricted access to personal data such as identification numbers, names, addresses, telephone numbers and even bank account details in exchange for a free membership. Paid members can obtain even more private information, including title deeds.
By simply searching a person’s name and surname on the website, which requires only an email registration, anyone can easily access this sensitive information. The website, operating under the domain address Sorgu.live, currently has a total of 5,195 users and offers similar services on Telegram and Discord. The administrators of the website openly promoted their services on Twitter and their own platform.
Veysel Ok, Co-Director of the Media and Law Studies Association (MLSA), emphasised the severity of the crime committed, stating that all personal data, including that of relatives, bank details, title deed information, and addresses of every resident in Turkey, had been unlawfully obtained. Ok condemned both the data thieves and the state authorities for their failure to protect citizens’ data, pointing out the violation of the Personal Data Protection Law and the Turkish Penal Code.
It is estimated that approximately 85 million Turkish citizens and residents have had their sensitive information exposed by the website. In response, the MLSA announced its intention to file a lawsuit for compensation and lodge a criminal complaint against the Interior Ministry, which bears responsibility for safeguarding personal data. Ok urged affected individuals to assert their legal rights by pursuing compensation lawsuits and filing criminal complaints.
This incident follows a previous alleged data breach in Turkey’s e-Government Gateway system last year, raising concerns about the overall security measures in place. However, the Digital Transformation Office of the Presidency claimed that detailed checks revealed no evidence of data leakage.