Cyber Incident Victim: Turkish National Police

In February 2016, a hacker using the alias ROR[RG] leaked approximately 17.8GB of data allegedly stolen from Turkish National Police (EMG) servers. The data, distributed via BitTorrent links through the website The Cthulhu, consisted of MySQL database backups in .myd and .myi file formats. ROR[RG] claimed to have originally breached the police servers two years prior to the leak, around 2014, and asserted continued access to the compromised systems at the time of disclosure. The hacker cited corruption within the Turkish police force as the motivation for releasing the data, aligning with widespread allegations of abuse of power and excessive violence against protesters documented in Turkish media. This incident followed ROR[RG]’s previous breach of Adult Friend Finder in 2015, which exposed sensitive data of 3.8 million users, and coincided with the hacker’s earlier leak involving the Fraternal Order of Police.

The leak occurred amid heightened tensions between Turkish authorities and hacktivist groups. Anonymous had previously conducted DDoS attacks against Turkish infrastructure, accusing the government of supporting Islamic State militants, while international observers raised concerns over police conduct following incidents like the death of US reporter Serena Shim. Neither the Turkish National Police’s response to the breach nor technical details about detection or containment measures were disclosed in available reports. The data’s validity remained unverified due to its database format, though both ROR[RG] and The Cthulhu had established credibility through prior incidents. The exposure represented a significant potential compromise of law enforcement data, though specific records affected were not independently confirmed.