Not every piece of information we make available on the internet or on our behalf is completely secure in any way. No matter how good systems security experts develop to protect our information, malicious people who want to access this information make the same effort, and they always find a vulnerability and gain access to the information.
We have seen the last examples of this in Yemeksepeti, Zula’s former publisher IDC Games and especially Twitch. Today, as a result of the cyber attack carried out on the university by T. C. Istanbul Kultur University and the data seized, a violation notification was made to the Personal Data Protection Authority. In the violation notification, it was announced that a total of 15,967 people were affected.
Student information captured:
According to the notification made to KVKK, the list of student information was seized as a result of the attack on T. C. Istanbul Kultur University. While the group affected by the violation consisted of students, the information obtained from 15,967 students was as follows:
- T. C. identification number
- Date of birth
- Nationality
- Gender
- Phone number
- Corporate e-mail addresses
- Payment status
- Student name and surname, Student advisor name and surname
- YÖK scholarship rate information
KVKK announced that the investigation on the subject is continuing.
Legal obligation to notify KVKK when a data breach is detected:
Paragraph 5 of article 12 of the Law on the Protection of Personal Data No. 5598, titled “Obligations regarding data security”, states that data controllers must notify KVKK of any violation:
“In case the processed personal data is obtained by others illegally, the data controller shall notify the relevant person and the Board as soon as possible. If necessary, the Board may announce this situation on its own website or by any other method it deems appropriate. ”
5029
