DATA BREACH NOTIFICATION FROM EDENRED CORPORATE SOLUTIONS INC.

27 November 2019

According to Article 12 of the Law on the Protection of Personal Data, Edenred Corporate Solutions Inc. has fulfilled the obligation to notify the Turkish Data Protection Board (the “Board”) about the data breach as a data controller. 

In the notice sent to the Board on 26.11.2019 they stated that;

• A cryptographic virus attack (ransomware) was launched on the information systems of the companies group Edenred Global on 21.11.2019 at 17:00,
• This cyberattack affected computers and servers of the active business units located in various countries around the world including Edenred Turkey,
• Cyberattack was noticed by the inability to access to the documents of the employees of their allocated work computers both in Edenred Turkey and Edenred Global  
• Investigations are continued to determine the number of people affected by the violation, the estimated number of records and personal data categories,
• All kinds of requests and questions related to the protection of personal data of the concerned persons could be sent in writing Esentepe Mahallesi Talatpaşa Cad. No: 5 Kat: 1, 34394, Şişli, İstanbul or 0947004343100016.edenred@hs02.kep.tr registered e-mail address or bilgi-tr@edenred.com e-mail address,

In the public announcement published on the Board’s website, it was stated that the investigation on the subject is continuing.

You can find the relevant public announcement text (in Turkish) here.

Should you have any queries and/or remarks, please do not hesitate to contact us. 

Kind regards,

Zumbul Attorneys-at-Law

info@zumbul.av.tr