Personal Data Protection Authority (KVKK), Logo Software Industry and Trade Inc. warned about the company. An investigation was initiated after a person contacted the company and reported that there was a data leak in their system. As a result of the examination, it was determined that the data in question belonged to Logo Yazılım and had been seized unlawfully.
In the data breach notification sent to KVKK by Logo Yazılım Sanayi ve Ticaret AŞ; While stating that the determination studies regarding the incident are continuing, An investigation was carried out by the Gebze Chief Public Prosecutor’s Office. recorded. The Personal Data Protection Authority shared the details of the incident on its website in accordance with the relevant article of the Personal Data Protection Law.
Violation affected Logo Yazılım customers
KVKK, Law No. 6698 on the Protection of Personal Data “Duties regarding data security” In paragraph (5) of article 12 titled, “In case the processed personal data is obtained by others illegally, the data controller shall notify the relevant person and the Board as soon as possible. If necessary, the Board may announce this situation on its own website or by any other method it deems appropriate.” warned in accordance with the provision.
On the website of the institution, the data breach experienced in the systems of Logo Yazılım Sanayi ve Ticaret AŞ was conveyed as follows:
In summary, in the data breach notification submitted to the Board by Logo Yazılım Sanayi ve Ticaret AŞ, which has the title of data controller:
- A person, by sending an e-mail to the data controller, states that he wants to discuss a data leak incident, then an online meeting is held with the relevant person, and the data allegedly leaked by the data controller is transmitted to the data controller,
- As a result of the examination, it has been determined that the data belongs to the systems of the data controller and that the violation has been unlawfully seized,
- The determination of all the details of the violation continues with expert organizations, and a criminal complaint has been filed with the Gebze Chief Public Prosecutor’s Office,
- The relevant groups of persons affected by the breach are users and customers/prospects,
- Efforts to determine the number of persons and registrations affected by the violation are continuing,
- It is thought that the affected data may contain the name, surname, title, TR identity number/tax identification number, contact, finance and customer transaction information of the sole proprietorship customers of the data controller.
information is included.”
Finally, stating that the investigation on the subject is ongoing, KVKK has also been approved by the Personal Data Protection Board’s Decision dated 06.01.2022 and numbered 2022/16. the said personal data breaches on the Institution’s website. stated that it was decided to be announced.