Turkish Citizenship: 49Million Records Allegedly Leaked

Claim Summary

An unverified and highly significant claim has surfaced on a dark web forum, alleging the leak of a massive Turkish government database. A user posting under the alias “Addka72424” claims to have uploaded the “Turkish Citizenship Database” for public download on October 26, 2023. The post purports that the data originates from a major government leak in 2009, referencing a system known as “mernis.” The threat actor claims the dataset contains approximately 49 million records, which would represent a substantial portion of the Turkish population. They have provided a file hash and size details, but no sample data or proof of the data’s authenticity has been independently verified.

What Is Allegedly Exposed

According to the forum post, the compromised data types are extensive and highly sensitive. The alleged database is said to contain:

• Full Names
• Dates of Birth
• Birth Cities
• Full Addresses
• Parents’ Information
• National ID Numbers
• Genders

If genuine, this combination of data points would constitute a catastrophic breach of personal privacy. National ID numbers, in particular, are critical identifiers that could be used for identity theft, financial fraud, and sophisticated social engineering attacks. The inclusion of familial information and full addresses significantly increases the potential for harm.

Threat Actor Profile

The post author, “Addka72424,” appears to be a relatively new or low-profile account with no established reputation on the forum. The act of offering such a high-value dataset for free public download is atypical and raises immediate red flags. Established threat actors often monetize such data or use it to build credibility. The lack of a known persona, combined with the grandiose nature of the claim, suggests the post could be an attempt at notoriety, a hoax, or a distribution method for malware via the linked download.

Potential Impact

The potential impact, should this claim be validated, is severe. On an individual level, the exposure of national ID numbers and familial data could lead to lifelong identity fraud risks for tens of millions of people. At a national security level, such a dataset could be weaponized for large-scale disinformation campaigns, targeted phishing against government officials or their families, or to undermine trust in national institutions. The alleged age of the data (from 2009) may mitigate some current risks related to financial accounts but does little to reduce risks associated with permanent identifiers and familial mapping.

What to Watch For

• Verification Attempts: Monitor for other threat actors or researchers attempting to validate the dataset’s contents using the provided MD5 hash (D9A83E014F2E2DBCDA42D480C12A2B46). Confirmation or debunking by credible sources will follow.
• Data Usage: Watch for signs of this data being integrated into existing combolists, used in targeted phishing campaigns against Turkish individuals, or referenced in other cybercriminal services.
• Official Response: An official statement from Turkish authorities acknowledging or denying the breach would be a key development.
• Actor Activity: Note if “Addka72424” posts further claims or gains credibility within the forum ecosystem.

Disclaimer

This report details an unverified claim from a dark web forum. The existence of the breach, the accuracy of the data, and the number of records affected have NOT been independently confirmed by Yazoul Security or any public authority. The information presented is based solely on the threat actor’s post and should be treated as alleged and potentially exaggerated. We advise extreme caution and recommend against attempting to access or download any files associated with this claim.