Information warfare continues to morph before our eyes into tactics and problems that we cannot really conceive. You may have thought that the OPM hack was a problem -- the personal information of every security-cleared American exfiltrated by the Chinese. You ain't seen nothing yet. Yesterday, someone (no credit claimed yet -- though note the suggestion that the hackers are American) posted online what appears to be the personal information of EVERY Turkish citizen -- all 49+ million of them. It's more than 6 GB of data, apparently. Humorously, the first listed individual is:
national_identifier | 17291716060 first | RECEP TAYYIP last | ERDOGAN
Here is the opening of the dump:
Turkish Citizenship Database
Who would have imagined that backwards ideologies, cronyism and rising religious extremism in Turkey would lead to a crumbling and vulnerable technical infrastructure?
This leak contains the following information for 49,611,709 Turkish citizens: (IN CLEARTEXT)
- National Identifier (TC Kimlik No)
- First Name
- Last Name
- Mother's First Name
- Father's First Name
- City of Birth
- Date of Birth
- ID Registration City and District
- Full Address
Lesson to learn for Turkey:
- Bit shifting isn't encryption.
- Index your database. We had to fix your sloppy DB work.
- Putting a hardcoded password on the UI hardly does anything for security.
- Do something about Erdogan! He is destroying your country beyond recognition.
Lessons for the US? We really shouldn't elect Trump, that guy sounds like he knows even less about running a country than Erdogan does.