Turkey launches probe after hackers leak civilian data and taunt president
April 7, 2016
Shah Sheikh (1294 articles)
Share

Turkey launches probe after hackers leak civilian data and taunt president

Turkey on Wednesday launched an investigation after a hacker or hackers posted a database online containing the personal information of nearly 50 million Turkish citizens — more than half of the country’s population — and a message taunting President Recep Tayyip Erdogan.

The population of Turkey is around 78 million. Experts say the leak could be one of the largest public leaks of its kind.

The information, found in a 1.4 gigabyte compressed bittorrent file consisting of 49,611,709 entries, included citizens’ names, addresses, parents’ first names, cities of birth, birth dates, and a national ID numbers used by the Turkish government, according to the Associated Press, which verified the information as authentic.

The news agency said it was able to partially verify the authenticity of the leak by running 10 non-public Turkish ID numbers against names contained in the dump. Eight came back as a match.

The size of the leak and the information disclosed puts tens of millions of people at risk of identity theft and fraud, experts said.

While Ankara tried to downplay the leak, Justice Minister Bekir Bozdag was quoted by Turkey’sHurriyet Daily as saying the number of people was comparable to those on the country’s electoral register.

“The Supreme Election Board is also in possession of identity data and it shares it with political parties,” he said, implying that a political party or perhaps members of one might be behind the leak. “It is a matter that should be investigated, and I believe prosecutors will conduct a comprehensive inquiry.”

Bozdag said the government had already passed a personal data protection bill and it is currently awaiting Erdogan’s approval.

Turkish President Recep Tayyip Erdogan addresses neighborhood leaders (mukhtars) during the mukhtars meeting at the Presidential Complex in Ankara, Turkey, on April 6, 2016.

IMAGE: OKAN OZER/ANADOLU AGENCY/GETTY IMAGES

The unlawful release of personal data is an offense punishable by a minimum prison sentence of two years, which may be increased if the perpetrator is a civil servant, pro-government newspaper the Daily Sabah reportedHacking a computer system carries a prison term of up to a year, in addition to fines.

But the perpetrator or perpetrators might not be Turkish, or even in the country. The site appears to be hosted by an Icelandic group that specializes in divulging leaks, using servers in Romania, the Associated Press reported.

“Do something about Erdogan! He is destroying your country beyond recognition.”

Whoever the hacker or hackers are, they also exposed and even highlighted information for Erdogan, along with that of his predecessor Abdullah Gul and Prime Minister Ahmet Davutoglu.

The leak came with a provoking message to those leaders: “Who would have imagined that backwards ideologies, cronyism and rising religious extremism in Turkey would lead to a crumbling and vulnerable technical infrastructure?”

In a message on the lessons to be learned by Turkey, the hackers wrote: “Bit shifting isn’t encryption.”, “Index your database. We had to fix your sloppy DB work.” and “Putting a hardcoded password on the UI hardly does anything for security.”

Striking a political tone, it added: “Do something about Erdogan! He is destroying your country beyond recognition.”

The hacker also included a political message for the United States, as well.

It read: “We really shouldn’t elect Trump, that guy sounds like he knows even less about running a country than Erdogan does.”

Source | Mashable