NEW DATA BREACH ANNOUNCEMENT FROM THE TURKISH DATA PROTECTION AUTHORITY

25.09.2020

As known, article 12(5) of the Law on Personal Data Protection no 6698 stipulates that in case the processed data are collected by other parties through unlawful methods, the controller shall notify the data subject and the Board within the shortest time. Where necessary, the Board may announce such breach at its official website or through other methods it deems appropriate.

In summary, in the letter sent by PSL Elektronik San. ve Tic. A.Ş. as a data controller to Turkish Personal Data Protection Authority (“TDPA”), it is stated that ;

  • The breach occurred by encrypting the software running on the server device used by the Company and the files containing the information produced in these software.
  • The breach occurred at 01:00 on 20.09.2020, and it was detected at 08:00 on 21.09.2020 upon checking the system at the beginning of the work.
  • Identity, communication, personal, legal operation, customer operation, finance, professional experience, marketing data were affected by the breach.
  • The sensitive personal data which are information of racial and ethnic origin and were affected by the breach.
  • The groups affected by the breach are employees, users, customers and potential customers.
  • The number of people affected by the breach could not be determined at this stage.

“TDPA” stated that the investigation on the subject is still ongoing.

Should you have any queries and/or remarks, please do not hesitate to contact us. 

Kind regards,

Zumbul Attorneys-at-Law

info@zumbul.av.tr