Cyber Incident Victim: Republic of Turkey
Date:
Jun 2023
Location:
Turkey
Summary
A major data breach occurred at Turkey's e-Devlet government services portal, resulting in the theft of citizens' highly sensitive personal information. The stolen data, including ID numbers, phone numbers, family relations, addresses, and property deeds, was offered online through a website that promoted access to information belonging to high-ranking officials. The incident was described by experts as the country's largest data theft, constituting a severe digital security problem, though authorities had not issued an official response.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On or around June 9, 2023, a website identified as sorgupaneli.org became publicly accessible, offering the personal data of Turkish citizens allegedly stolen from the e-Devlet government services portal. The e-Devlet system is Turkey's primary public administration portal, containing extensive personal information on citizens, including details related to education, health status, banking credentials, and tax status. The operators of the website offered this data for free in exchange for users signing up for a membership on their platform. The information available through this free tier reportedly included Turkish ID numbers, personal phone numbers, and data concerning individuals' family members.
The website offered more sensitive categories of information to users who purchased a paid premium membership. This premium data allegedly included full home addresses, real estate deed information, and comprehensive education details. The operators of sorgupaneli.org made broad claims about the comprehensiveness of the stolen data, asserting that it contained information on high-ranking state and government officials. They specifically claimed to have and be able to provide the personal information of President Recep Tayyip Erdogan and the main opposition leader, Kemal Kilicdaroglu. These claims were reported by media outlets that accessed the site.
Cybersecurity and legal experts in Turkey characterized the incident as the largest data theft to have occurred in the country, describing it as a major digital security problem. A professor of constitutional law, Sule Ozsoy Boyunsuz, publicly called for specific response actions, stating that access to the website should be blocked immediately and that a full-scale investigation should be launched by the authorities. Despite these public calls for action and the widespread reporting of the incident, the Turkish government authorities remained silent and did not issue any official statements or acknowledgments in the immediate aftermath of the reports. The sorgupaneli.org website remained accessible online, though it experienced frequent crashes and periods of instability. These technical issues were attributed to extremely high user demand placing a significant load on the website's servers, indicating substantial public interest in the purported data.
The e-Devlet portal itself had been the subject of criticism for several years prior to this incident. Security experts had repeatedly raised concerns that the website was not secure enough to protect the vast amount of sensitive citizen data it held. The authorities responsible for the portal had consistently dismissed these claims and criticisms prior to the June 2023 incident. The offering of data on sorgupaneli.org represented a potential validation of those long-standing security concerns. The incident exposed a wide range of highly sensitive personal information, creating significant risks for identity theft, fraud, and targeted phishing attacks against the affected Turkish citizens. The scope of the alleged data theft, as claimed by the website operators, suggested a potentially massive compromise of the national identity system.