A report from SafetyDetectives revealed that over 2 million Turkish citizens' vaccination records were leaked on the dark web. The information stolen included birth dates, doctor ID numbers, vaccination dates and types, hospital addresses, supply chain information, and parts of patient passport data. The leak occurred on April 4, 2023, and the attackers were identified on a hacker forum. The stolen data includes 125,000 unique doctor identifiers, with 70% of the total number of Turkish doctors being victims.
Police at SafetyDetectives believe the leak likely occurred due to a breach in the government's medical information systems. The information stolen can be used for identity theft, blackmail, cyberespionage, and other crimes. Similar incidents have occurred in India, where hackers leaked the medical records of 1.7 million people on the dark web. The threat was resolved after the Indian Computer Incident Response Team intervened.
Protecting medical data is a significant challenge in many countries, and attackers often find ways in. Governmental and private organizations both need stricter laws and regulations as well as improved cyber protection to address this issue.