BreachExchange mailing list archives
Déjà vu Data Leaks
From: inga () riskbasedsecurity com (Inga Goddijn)
Date: Thu, 7 Apr 2016 08:53:51 -0500
https://www.riskbasedsecurity.com/2016/04/deja-vu-data-leaks/ Recycled Turkish Citizenship Database Re-leaked, Again On June 4th, 2016, there were new reports that the personal details of nearly 50 Million Turkish citizens <http://abcnews.go.com/Technology/wireStory/data-50-million-turks-allegedly-leaked-online-38142865> had been compromised and posted online in a massive security breach. The news appears to be triggered from a Tweet <https://twitter.com/dchest/status/716934572949299200> that received quite a bit of attention: [image: Turkey 1 - Database Leaked] A leaked database containing 49,611,709 records (about 6.6 GB of data), was reported to have appeared on the website of an Icelandic group offering download links to anyone interested. <http://thehackernews.com/2016/04/personal-data-leaked.html?m=1> The leaked database was reported to contains the following information: - First and last names - National identifier numbers (TC Kimlik No) - Gender - City of birth - Date of birth - Full address - ID registration city and district - Userâs mother and Fatherâs first names Well-known security researcher Jacob Applebaum tweeted <https://twitter.com/ioerror/status/716943530892111874> shortly afterwards, that if it is what it claims to be, he thought it was one of the largest security/PII breaches since the large OPM breach. <http://www.eweek.com/security/opm-says-far-more-fingerprint-data-stolen-than-first-reported.html> His tweet received quite a bit of attention as well. [image: Turkey 2 - Applebaum] With a record setting year in 2015 <https://www.riskbasedsecurity.com/2015-data-breach-quickview/>, and so many data breaches occurring every day, it can be extremely difficult to keep up with the ever changing data breach landscape, and what it means for organizations. For those that pay attention to the daily ebb and flow of breach activity, you were likely yelling at your screen at the beginning of this blog shouting that this leak is clearly a duplicate. Or at the very least, thinking to yourself this sounds very, very familiar. This data, while legitimate, has been leaked before <https://twitter.com/CthulhuSec/status/699247420803309569>! More concerning, it was even leaked before that! <https://www.reddit.com/r/worldnews/comments/4dc0wv/the_entire_turkish_citizenship_database_has/> Oh⦠and one more time before that! <http://www.hurriyet.com.tr/tum-bilgileriniz-su-anda-satiliyor-olabilir-15430731> [image: Turkey 3 - Cthulhu] Turkish press reports came to light as early as January, 2015 claiming that governmental databases containing this very same information had been compromised. According to The Daily Dot <http://www.dailydot.com/politics/turkey-data-dump-cthulu-police/>, the leaked database files are actually from 2009, and their public existence has been known since 2010. Whatâs more, the data is⦠well, dated, with the most recent information coming in 2008. <https://twitter.com/erenturkay/status/716958238999191553> [image: Turkey 4 - 2008] If for some reason you are interested in seeing the Turkey re-leaked data, a new site just was published that is a searchable database <https://thanksgiving.who.ec/> of the âleakedâ information. But remember, it isnât that uncommon to find voter information online as we have seen with Indian voters previously. <http://eci.nic.in/eci_main1/Linkto_erollpdf.aspx> While there is no *real* new news here, this is just one example of the numerous data leaks that are really re-leaks or all together just not valid. But donât worry! There will be plenty more leaks to report on shortly and you of course have the Panama Papers to be reading <https://panamapapers.icij.org/20160403-panama-papers-global-overview.html> as well! -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20160407/c26c68c3/attachment.html>
Current thread:
- Déjà vu Data Leaks Inga Goddijn (Apr 07)