In this overview you’ll find details on the following incidents: two Turkish universities experienced personal data breach, while energy holding lost its data; personal details and information about legal bodies was exposed as a result of data leak in Brazil.
A data breach occurred at Trabzon University in January 2025. The Turkish Personal Data Protection Authority (KVKK) announced that personal data of 25 237 persons was exposed. Information about the university’s staff and students was leaked. According to the official statement, malicious actors obtained such sensitive data as:
On the 20th of January, Afyon Kocatepe University also fell victim of the data breach. Criminals got access to the university’s distance education system. As a result, more than 26 000 persons were affected by the data leak. KVKK released the statement about the incident. According to the official information, intruders used stolen credentials to access the university’s distance education system. Sensitive data on students, university employees, and customers was leaked. KVKK announced that malicious actors compromised the following data:
It was the second data-related incident in the Turkish educational sphere in a short time.
Another incident in Turkey affected the business entity. Criminals targeted Karadeniz Holding in December 2024. The data breach was detected during a routine security check. KVKK announced an ongoing investigation of the incident. Detailed information about the volume of the leak, nature and categories of stolen data, as well as the number of affected people or legal entities isn’t determined yet.
Another major incident happened in Brazil. The cyberattack affected Comunicação de Acidente de Trabalho (CAT) system, part of the Brazilian National Institute of Social Security. Malicious actors successfully infiltrated the CAT’s databases. As a result, 39 million unique records were exposed and put on sale.
Presumably, the malicious actors got access to such sensitive data as:
CAT is a report service used to notify government about work-related incidents. Under Brazil’s General Data Protection Law (LGPD) failure to comply this security guidelines can lead to major penalties - legal bodies can face fines of up to 2% of revenue, warning or suspension of data processing activities.
Cyber security threats endanger both governmental bodies and private legal entities. Data breaches are among most severe and destructive ones. Direct expenses caused by a breach, including financial and reputational ones affect organizations badly. Thus, protection of sensitive data is a top priority for any organization. Implementation of appropriate data protection solutions is among major steps to mitigate the risks, posed to valuable data. In order to prevent loss of sensitive data, exposure of trade secrets, loss of money; mitigate internal threats and avoid incompliance comprehensive protective system is required. Risk Monitor, the complex internal threat protection system is the reliable assistant in ensuring comprehensive protection, you may try it free of charge.
SearchInform uses four types of cookies as described below. You can decide which categories of cookies you wish to accept to improve your experience on our website. To learn more about the cookies we use on our site, please read our Cookie Policy.
Always active. These cookies are essential to our website working effectively.
Cookies does not collect personal information. You can disable the cookie files
record
on the Internet Settings tab in your browser.
These cookies allow SearchInform to provide enhanced functionality and personalization, such as remembering the language you choose to interact with the website.
These cookies enable SearchInform to understand what information is the most valuable to you, so we can improve our services and website.
These cookies are created by other resources to allow our website to embed content from other websites, for example, images, ads, and text.
Please enable Functional Cookies
You have disabled the Functional Cookies.
To complete the form and get in touch with us, you need to enable Functional Cookies.
Otherwise the form cannot be sent to us.
Subscribe to our newsletter and receive a bright and useful tutorial Explaining Information Security in 4 steps!
Subscribe to our newsletter and receive case studies in comics!