Dark Web News Analysis: Database of Turkish Insurance Software Provider Adayazilim on Sale
A database allegedly from Adayazilim, an insurance management software company based in Turkey, is being offered for sale on a hacker forum. The breach represents a critical supply chain attack, exposing the sensitive personal, vehicle, and policy information of over 129,000 insurance customers. A compromise of a central software provider for the insurance industry is a highly efficient way for criminals to steal data from multiple agencies at once. The leaked data is a complete toolkit for identity theft and insurance fraud, reportedly including:
- PII and National ID: National ID numbers (likely TCKN), full names, contact details, and addresses.
- Vehicle and Insurance Data: Vehicle license plates, detailed insurance policy information, and payment records.
- Record Count: Over 129,000 customer records.
Key Cybersecurity Insights
This incident highlights the immense and cascading risks of a supply chain breach, where a vulnerability in one software provider can impact an entire industry sector.
- A Critical Supply Chain Attack on the Turkish Insurance Industry: A breach at a core software provider like Adayazilim is a supply chain attack by definition. Threat actors target these central hubs to steal the consolidated data of many different insurance agencies and brokers in a single operation. The end customers of all these agencies are now at risk due to a single vulnerability at their software vendor.
- A “Full Profile” for Sophisticated Insurance Fraud: The combination of a person’s national ID, contact details, vehicle license plate, and their specific insurance policy information is a complete toolkit for criminals. They can use this to file fraudulent insurance claims, impersonate policyholders to make unauthorized changes to their accounts, or sell the data to other criminal groups specializing in automotive or insurance fraud.
- A Major Violation of Turkey’s Personal Data Protection Law (KVKK): The exposure of such a large volume of sensitive PII and financial information is a severe violation of Turkey’s data protection law, KVKK. Adayazilim, and potentially the insurance agencies it serves, face a high likelihood of a government investigation, substantial fines, and serious legal action.
Critical Mitigation Strategies
Adayazilim must launch an immediate investigation, its insurance agency clients must assess their exposure, and the end customers must be on high alert for fraud.
- For Adayazilim: Immediately Launch a Compromise Assessment: The company must immediately launch a full forensic investigation to confirm the breach, identify the vulnerability in their software or infrastructure that was exploited, and contain the damage to prevent further data loss.
- For Adayazilim’s Clients (Insurance Agencies): Proactively Demand Information and Review Vendor Risk: The insurance agencies that use Adayazilim’s software are now at risk. They must demand a transparent and immediate report from their vendor. This incident also serves as a critical reminder to regularly audit the security posture of all third-party software providers.
- For Affected Customers (Policyholders): Be on Maximum Alert for Insurance Scams: This is the most crucial advice for the 129,000+ victims. They must be on high alert for any unsolicited calls or emails about their insurance policy, vehicle, or payments. They should monitor their financial accounts closely and be extremely suspicious of any communication that uses their real policy or vehicle details to appear legitimate.