Leak seems to be the work of an anti-Erdogan hacktivist

Apr 4, 2016 12:55 GMT  ·  By

A data leak appeared online yesterday claiming to host private information on 49,611,709 Turkish citizens, offering download links to anyone interested.

Hosted on 185.100.87.84, a Romanian IP address, the 1.5GB compressed (6.6GB uncompressed) database was offered for download via P2P, and was streamed by over 650 users at the time of writing.

The hacker who set up the download server said the data contained the following information: first and last names, national identifier numbers (TC Kimlik No), the user's mother and father's first names, gender, city of birth, date of birth, full address, and ID registration city and district.

Most of the leaked data is available via personal documents

All information is usually what you'll find on a standard Turkey ID card, which makes the leak less dangerous, but not completely safe. The source of the data is currently unknown, but could be very well from a public administration agency that deals with user information.

To prove the validity of the data, the persons behind the leak published the details of Recep Tayyip Erdogan, Turkey's current president and former prime minister.

The breach seems to be politically motivated. In an opening statement, the hackers wrote: "Who would have imagined that backwards ideologies, cronyism and rising religious extremism in Turkey would lead to a crumbling and vulnerable technical infrastructure?"

Hackers have something against Erdogan, ... and Trump

Additionally, the hacker provided "lessons" to learn from this leak. The first one was that "bit shifting isn't encryption," alluding to the fact that the data was improperly protected.

The second was "Index your database. We had to fix your sloppy DB work." Non-indexed databases are a sign of poor programming skills, and should, in theory, explain why encryption wasn't used to protect sensitive information.

Additionally, the hackers also revealed how they got in: "Putting a hardcoded password on the UI hardly does anything for security." They didn't specify in what UI, though.

The last lesson was a double political message, one for Turkey, and one for the US. First, the hackers said "Do something about Erdogan! He is destroying your country beyond recognition," while also adding "We really shouldn't elect Trump, that guy sounds like he knows even less about running a country than Erdogan does."

Softpedia has not downloaded the massive data leak due to its sensitive nature. There is also a possibility that some of the data may have been recycled from an older data breach that took place in 2009.

Screenshot of the website at 185.100.87.84
Screenshot of the website at 185.100.87.84

Photo Gallery (2 Images)

Hacker leaks details on 50 million Turkish citizens
Screenshot of the website at 185.100.87.84
Open gallery