So in one day alongside the Panama Papers there has been another data breach.
This one is only 6.6Gb but compared to the colossal 2.6Tb of the Panama Papers could have far more dangerous and less visible consequences.
The archive contains approx 50Million unique turkish citizenship records according to various security blogs with data up to 2009, an election year. Indeed these appear to be records from some government agency managing possibly voter registration records.
A short description can be found via [securityaffairs.co]
And the (apparently originally posted) [ycombinator page]
For obvious reasons I wont be linking directly to the IP that posted the original data. But that is anyway where the ycombinator link directs to.
Most of the media I have seen reporting on this have classed this as hacktivism. As someone who is involved in the InfoSec community I think that the media is damaging the public opinion of real 'hacktivists' (such as in the Panama Pages, Snowden, Wikileaks etc case) by calling these people such.
Dumping half of an entire countries citizen information online is not hacktivism its cyber-terrorism. These are either incredibly naive or just plain dangerous individuals.
I think that this was nothing but an attempt to cause harm to Turkey and its Citizens. It will enable criminals and terrorists around the world for years to come. Terrorists will find a way use this information to buy and register a phone in someone else's name with precise details and strap it to a remote controlled bomb.
Scammers and Cons will abuse this to no end.
No matter how bad a systems security is, it does not warrant dumping peoples and particularly not half a countries personal information online, this wasn't done by any sane logical person under the pretense of online security as the snarky message says on the page.