Cyber Incident Victim: Turkish Joint Venture for 1915 Çanakkale Bridge
Date: Apr 2021
Location: Turkey
Summary
A joint venture responsible for a major bridge and motorway project experienced a ransomware attack that encrypted servers and files, compromising personal data of approximately 20,000 individuals. The breach impacted employees, their relatives, and subcontractor personnel, with potentially exposed data categories including identity, communication, health, financial, and legal information, though specific affected records remained undetermined. The company notified Turkey's data protection authority upon detecting the incident, confirming ongoing investigations into the attack, which involved ransom demands from the perpetrators.
Description
On April 24, 2021, the DLSY joint venture—comprising Turkish and South Korean firms Daelim, Limak, SK E&C, and Yapı Merkezi—detected a cyberattack targeting its infrastructure supporting the 1915 Çanakkale Bridge and Motorway Project. Attackers encrypted servers and files using ransomware, disrupting operations tied to a project involving 25 financial institutions across 10 countries. The breach was identified on the same day it commenced, prompting immediate notification to Turkey’s Personal Data Protection Authority (KVKK). Initial assessments indicated approximately 20,000 individuals were affected, though the partnership could not definitively identify compromised records or specific data categories at the time of reporting. Investigations revealed the attackers demanded ransom, though the amount and payment status were undisclosed.

The incident impacted personal data categories including identity, communication, health, financial, and legal records, though the exact scope remained undetermined. Affected individuals were believed to include DLSY employees, their relatives, and subcontractor personnel. Despite uncertainty regarding which specific data types were accessed or exfiltrated, the breach exposed sensitive information such as union memberships, criminal convictions, and professional experience. The partnership’s disclosure emphasized ongoing efforts to assess the full extent of the compromise, with no public confirmation of data recovery or system restoration. Regulatory inquiries continued as of the notification date, with no attribution to a specific threat actor or disclosure of operational disruptions beyond the encryption event.
