It was announced that companies belonging to Trabzonspor were hacked on 19 May. According to the statement made by KVKK, the criminals, including user data, were infiltrated and encrypted. It could not be determined how many people were affected by the cyber attack and which information was leaked.
Personal Data Protection Authority (KVKK), Trabzonspor Sportif Investment and Football Management Trade Inc. made an important statement about In the statement, the company cyber attack It was stated that the victim fell victim and the user data fell into the hands of the attackers. So when did the cyber attack take place and what data of the users fell into the hands of hackers?
According to the KVKK’s statement, Trabzonspor 19 May 2023 He was cyber-attacked and realized this on the same day. After infiltrating the system, the attackers also encrypted the data of the users. As such, it is precisely how many people’s data was leaked. not detected.
Identity and contact information may also have been leaked
Users in Trabzonspor’s database identity and contact informationThere were data in categories such as financial information, professional experience, past transactions and marketing. With the attack on May 19, all this data was potentially in the hands of hackers. Who or who did the attack, for what purpose Unknown.
Meanwhile; In addition to Trabzonspor Sportif Investment and Football Management Trade Inc., Trabzonspor Commercial Products and Tourism Management Trade Inc., Trabzonspor Football Management Trade Inc.Trabzonspor Telekomünikasyon Danışmanlık ve Servis Hizmetleri Ticaret A.Ş., Bordeaux Mavi Futbol Yatirimlar Ticaret A.Ş., Trabzonspor Club Association, Trabzonspor Bordeaux Mavi Enerji Elektrik Üretim A.Ş. employeesLet’s also mention that there are users, students, customers and potential customers.
The description of KVKK is as follows:
“As it is known, paragraph (5) of Article 12 of the Law on the Protection of Personal Data No. 6698, titled “Obligations regarding data security”, states that “In case the processed personal data is obtained by others illegally, the data controller shall notify the relevant person and the Board as soon as possible. If necessary, the Board may announce this situation on its own website or by any other method it deems appropriate.” its ruling.
Trabzonspor Sportif Investment and Futbol İşletmeciliği Ticaret A.Ş., which has the title of data controller. In summary, in the data breach notification submitted by the Board to the Board;
- The servers of the data controller are encrypted as a result of the cyber attack,
- The violation took place on 19.05.2023 and was detected on the same day,
- In addition to the cyber attack, Trabzonspor Commercial Products and Turizm İşletmeciliği Ticaret A.Ş, Trabzonspor Futbol İşletmeciliği Ticaret A.Ş., Trabzonspor Telekomünikasyon Danışmanlık ve Servis Hizmetleri Ticaret A.Ş., Bordeaux Mavi Futbol Yatirimlar Ticaret A.Ş., Trabzonspor Club Association, Trabzonspor Bordeaux. Mavi Enerji Elektrik Üretim A.Ş. was also affected,
- It is not possible to access the files held on the encrypted servers; for this reason, the number of persons and records affected by the violation could not be determined,
- The contact groups affected by the breach are employees, users, students and customers and potential customers,
- Identity, communication, personnel, customer transaction, finance, professional experience, marketing, audio-visual records and other data categories are affected by the breach,
- Relevant persons can obtain information about the data breach through the call center.
information is included.
Although the investigation on the subject continues, with the Decision of the Personal Data Protection Board dated 25.05.2023 and numbered 2023/918, it has been decided to announce the aforementioned data breach notifications on the Institution’s website.
It is announced to the public with respect.”
To the original text of the KVKK from here you can reach.