Cyber Incident Victim: BtcTurk

In mid-2018, Turkish cryptocurrency exchange BtcTurk experienced a data breach compromising sensitive user information. The incident was disclosed by the company in an official announcement reported by CoinTelegraph on July 1, 2018. The breach exposed personal details of more than 500,000 users, including full names, government-issued citizen identification numbers, email addresses, physical addresses, dates of birth, and mobile phone numbers. The stolen dataset first surfaced publicly on June 29, 2018, when an actor offered it for sale on an online hacking forum. The seller provided sample records as verification of the data's authenticity, though the specific forum wasn't named in reports. BtcTurk confirmed the legitimacy of the breach through its announcement but didn't specify the exact intrusion date or method of compromise.

The exposed information posed significant risks to affected users due to the inclusion of national ID numbers and contact details, which could facilitate identity theft and targeted phishing campaigns. With over half a million users impacted, the breach represented one of the largest known security incidents affecting a Turkish cryptocurrency platform at that time. The company's disclosure came three days after the data appeared for sale online, though the announcement didn't detail any containment measures or forensic findings. No information was provided regarding whether financial data or cryptocurrency wallets were affected. The incident timeline suggests unauthorized access occurred approximately two weeks prior to the data's appearance on hacking forums, based on the June 15 reference date and subsequent June 29 sale listing.