What Happened
In March 2025, Turkish internet service provider TurkNet (also stylized as Turk.net) suffered a major data breach detected on March 11, when hacker “hades_hgs” claimed responsibility on a dark web forum and threatened to leak approximately 2.8 million customer records unless paid 3 Bitcoin (over $246,000). TurkNet confirmed the incident in a customer email and statement on March 13, revealing exposure of sensitive personal data for over 1.5 million customers, including full names, phone numbers, national ID numbers, addresses, subscription details, and static IP addresses—though financial data and passwords were not compromised. The attacker boasted of accessing the company’s full infrastructure and shared obscured screenshots, prompting TurkNet to enhance security measures, report to Turkey’s Personal Data Protection Authority and telecom regulators, and pursue legal action without service disruptions. Cybersecurity experts urged affected users to reset passwords, enable 2FA, and monitor accounts amid risks of phishing and identity theft.
