Newsletter

Personal Data Protection Authority Data Breach Notifications

KVKK Veri İhlali Bildirimleri Personal Data Protection Authority Data Breach Notifications
27 Jan

Personal Data Protection Authority Data Breach Notifications

Data Breach Notifications were published by the Personal Data Protection Authority on December 1, 2023

  • Union of Chambers of Agriculture of Turkey
  • Kaymek Kayseri Vocational Education and Culture Inc.
  • Result

1.Union of Chambers of Agriculture of Turkey Data Breach Notification

In summary, in the data breach notifications submitted to the Personal Data Protection Authority (“Authority”) by the Union of Chambers of Agriculture of Turkey, which has the title of data controller;
– The breach occurred as a result of MERNIS web service queries from different IP addresses using the account information of a user registered in the Agricultural Chambers Information System (ZOBIS),
– T.R. Identity numbers used in MERNIS inquiries are numbers that are not kept in the ZOBIS database,
– The data affected by the breach is identity data,
– The breach occurred on 20.11.2023 and was detected on 21.11.2023, the number of relevant persons affected by the breach is 162,000, the groups of relevant persons affected by the breach have not yet been identified,

information is included.

2.Kaymek Kayseri Vocational Education and Culture Inc. Data Breach Notification

In summary, in the data breach notification submitted to the Personal Data Protection Authority (“Authority”) by Kaymek Kayseri Vocational Education and Culture Joint Stock Company, which has the title of data controller;
– The breach occurred by clicking on a link received via e-mail,
– The breach was detected with the letter sent by the Information Technologies Department to the data controller Kaymek Kayseri Vocational Education and Culture Inc,
– Students are the relevant group of people affected by the violation,
– The categories of personal data affected by the breach are identity information, contact, location, personal information and race and ethnic origin information from the category of sensitive personal data,
– The number of people affected by the violation was declared as 7186,

information is included.

3.Result

Data breach notifications published by the Personal Data Protection Authority (“Authority”) on December 01, 2023.

Paragraph (5) of Article 12 titled “Obligations Regarding Data Security” of the Personal Data Protection Law No. 6698 (“Law”) “In case the processed personal data is obtained by others through unlawful means, the data controller shall notify the relevant person and the Board as soon as possible. If necessary, the Board may announce this situation on its website or by any other method it deems appropriate.” Pursuant to the provision, data breach notifications were published by the Authority.

Please feel free to contact us for more detailed information.

Newer Amendment on Short-Term Renting of Residential Properties for Tourism Purposes has been published!
Back to list
Older Liability of the Bank due to the Legal Liability of the Branch Manager

Leave a Reply