According to the public announcement on the website of the Personal Data Protection Authority (KVKK), there was a data breach at Logo Yazılım Sanayi ve Ticaret AŞ.
USERS AND CUSTOMERS IMPRESSED
It was stated that a criminal complaint was made to the Gebze Chief Public Prosecutor’s Office regarding the issue, and it was noted that the relevant person groups affected by the violation were users and customers/potential customers.
HERE’S INFORMATION THINKING AFFECTED
It was stated that among the affected data, it is thought that the name, surname, title, TR identity number / tax identification number, contact, finance and customer transaction information of the personal company customers of the data controller may be included.
The full public announcement on the website of the Personal Data Protection Authority is as follows:
As it is known, paragraph (5) of article 12 of the Law on Protection of Personal Data No. 6698, titled “Obligations regarding data security”, “In case the processed personal data is obtained by others illegally, the data controller shall notify the relevant person and the Board as soon as possible. If necessary, the Board may announce this situation on its own website or by any other method it deems appropriate.” its ruling.
In summary, in the data breach notification submitted to the Board by Logo Yazılım Sanayi ve Ticaret AŞ, which has the title of data controller:
A person, by sending an e-mail to the data controller, states that he wants to discuss a data leak incident, then an online meeting is held with the relevant person, and the data allegedly leaked by the data controller is transmitted to the data controller,
As a result of the examination, it has been determined that the data belongs to the systems of the data controller and that the violation has been unlawfully seized,
The determination of all the details of the violation continues with expert organizations, and a criminal complaint has been filed with the Gebze Chief Public Prosecutor’s Office,
The relevant groups of persons affected by the breach are users and customers/prospects,
Efforts to determine the number of persons and registrations affected by the violation are continuing,
It is thought that the affected data may contain the name, surname, title, TR identity number/tax identification number, contact, finance and customer transaction information of the sole proprietorship customers of the data controller.
information is included.
Although the investigation on the subject continues, with the Decision of the Personal Data Protection Board dated 06.01.2022 and numbered 2022/16, it has been decided to announce the personal data breaches on the website of the Authority.
It is announced to the public with respect.