The Personal Data Protection Authority published the data breach in Logo Software Industry and Trade INC systems on its website.
The Personal Data Protection Authority (KVKK) has issued a warning about Logo Software Industry and Trade INC. An investigation was launched after a person contacted the company and reported a data leak in their system. As a result of the examination, it was determined that the data in question belonged to Logo Software and was obtained unlawfully.
Logo Software Industry and Trade INC. in its data breach notification to KVKK; While stating that the investigation into the incident is ongoing, Gebze said that the Public Prosecutor’s Office is investigating the matter. The Personal Data Protection Authority shared the details of the incident on its website in accordance with the relevant article of the Personal Data Protection Law.
Infringement Logo Software affected its customers
KVKK shall inform the relevant person and the Board as soon as possible if the personal data processed is obtained by others by unlawful means in paragraph 12 (5) of the Personal Data Protection Law No. 6698 titled “Obligations related to data security”. The Board may declare this situation on its website or by any other means it deems appropriate if necessary.”
On the website of the institution, the data breach in Logo Software Industry and Trade INC systems was reported as follows:
“Logo Software Industry and Trade INC, which has the title of data controller, summarizes in the data breach notification sent to the Board:
- A person sends an email to the data controller stating that he wants to discuss a data leak incident, after which an online conversation was conducted with the person concerned, and the data allegedly leaked by the person concerned was forwarded to the data controller,
- As a result of the examination, it was determined that the data belonged to the data controller systems and that the violation was committed by unlawfully obtaining it,
- The determination of all the details of the violation continues with the expert organizations and a criminal complaint has been filed with the Gebze Public Prosecutor’s Office,
- Contact groups affected by the breach are users and customers/potential customers,
- The number of people and records affected by the violation is ongoing,
- It is believed that the affected data controller may have name, surname, title, TC identification number/tax identification number, contact, finance and customer transaction information of the individual company customers
information is provided.”
Finally, KVKK stated that the review on the subject is ongoing and that it was decided to declare these personal data breaches on the Website of the Institution with the Decision of the Personal Data Protection Board dated 06.01.2022 and numbered 2022/16.