Data Breach Summary
The online platform dergiplatformu.com, dedicated to providing access to Turkish magazine publications, recently fell victim to a significant security breach. InsecureWeb, a leading dark web scanning company, successfully detected the breach on August 2023. The responsible hacker, known as “sumo,” posted the compromised data on the dark web forum called “Cronos.li.”
The breach involved unauthorized access to a database containing approximately 331MB of sensitive user information. The leaked data includes unique user IDs, titles/positions, names, surnames, emails, passwords, telephone numbers, dates, email confirmations, phone confirmations, and GDPR consent forms. This personally identifiable information (PII) was unlawfully accessed and subsequently exposed on the dark web.
Where and How?
The breach occurred on the notorious dark web forum “Cronos.li,” frequented by cybercriminals in search of trading stolen data and coordinating illicit activities. It was within this hidden realm that the hacker, “sumo,” published the stolen data from dergiplatformu.com.
During our investigation, it was revealed that the breach specifically targeted the user database of dergiplatformu.com. This platform serves as a gateway to Turkish magazines, enabling users to access a diverse range of content. Unfortunately, the compromised data encompasses essential user details, including unique user IDs, personal titles, names, surnames, emails, passwords, telephone numbers, dates, and GDPR consent forms.
A Screenshot of the data can be found below:
Company Data Breach History
To the best of our knowledge, there is currently no known history of security breaches reported for dergiplatformu.com. Nonetheless, this breach serves as a wake-up call, emphasizing the relentless and evolving cyber threats faced by online platforms. It underscores the importance of implementing robust security measures to safeguard sensitive user data and mitigate potential risks.
dergiplatformu.com remains fully committed to prioritizing user privacy and security. In collaboration with cybersecurity experts, they are conducting thorough investigations, identifying vulnerabilities, and implementing enhanced security protocols to prevent future incidents and protect user confidentiality.
Recommendations for Personal Data Protection
How Users Can Protect Their Information
To protect their personal information and accounts from being compromised, users should take the following steps:
– Change their passwords frequently, with a combination of letters, numbers, and symbols.
– Enable two-factor authentication whenever possible.
– Use unique passwords for each account, to prevent hackers from accessing multiple accounts with the same password.
– Be cautious of suspicious emails or messages, as they may contain phishing links that can compromise their accounts.
– Regularly monitor their accounts for any suspicious activity.
What is InsecureWeb?
InsecureWeb is a Dark Web monitoring service that keeps track of recent data breaches and tracks their impact by monitoring the darkest places of the internet. InsecureWeb notifies users and enterprises when their data has been found online and helps them mitigate the impact.