Why were abusive messages sent to users? Are other companies at risk? Statement from the company’s CEO

By admin, December 11, 2024

Türkiye has been talking about cyber attacks on large companies for the last 3 days.

After Anadolu Sigorta’s SigortamCepte application was hacked yesterday, abusive notifications were sent to users’ phones, and a similar incident occurred a few days later in PTT’s Fast Pass System (HGS).

In addition to the abusive message being sent as a notification, users were also faced with the message “If you do not send 25 thousand dollars to this BTC address, I will share all the data.”

SUCCESSIVE STATEMENTS FROM THE COMPANIES

The first statement on the subject came from Anadolu Sigorta. “Dear customers, as a result of the cyber attack on our internet infrastructure at 23.20 on December 9, 2024, we have temporarily stopped our transactions through our Sigortam Cepte application. In the first stage investigations, it was understood that the problem was caused by unauthorized access to our mobile application message service,” the statement said.

In the statement made by PTT, it was stated that it was determined that there was unauthorized access to the message service of the HGS mobile application from abroad and that notifications unrelated to the company were sent to some users in this context. “There was no data loss or user information falling into the hands of unauthorized persons during the intervention. Additionally, a legal process has been initiated in cooperation with legal authorities.”

FIRST STATEMENT FROM THE CEO OF THE COMPANY PROVIDING THE SERVICE

Along with the cause of the incident, the name of the distributor company and whether the attacks would spread to other companies in a short time were also matters of curiosity.

It was soon determined that OneSignal was the company that provided the message service to PTT and Anadolu Sigorta, which experienced the same attack. According to Haberturk.com, OneSignal has thousands of customers in many sectors in Turkey. However, according to the statement made by the company, the incident does not stem from a problem affecting OneSignal as a whole.

Responding to posts on the subject, OneSignal's founder and CEO George Deglin said in his first statement that the problem is not directly related to OneSignal.

“THE PROBLEM IS NOT ABOUT ONESIGNAL, IT IS ABOUT THE COMPOSITION OF THE API KEY”

Deglin said in a statement: “Our team is investigating this situation and we are sorry that this has happened. In the first instance, it appears that the API keys of these applications have been compromised. It is always painful to see customers harmed by hackers. We can confirm that these applications are disabled, meaning no additional messages are being sent. However, we do not know how the API keys are being sent. We will reach out to these companies to determine if they may have been leaked and recommend that they use our IP permission list feature for additional protection.”

According to the news on Haberturk.com, Deglin stated in another statement that the problem did not originate from them and added, “To be clear, this is not an issue that affects OneSignal itself. We believe that the administrators of these applications may have kept the API keys where someone can access them.”

Finally, Deglin said, “We value all of our customers in Turkey and will continue to communicate about the issue and investigate how we can prevent our customers’ API keys from being disclosed.”

“I’M SORRY TO SAY, WE ARE STILL AT THE START OF WORK”

Meanwhile, KOBIL Founder and CEO İsmet Koyun, who evaluated the issue and pointed out that cyber attacks, which grow more severe day by day, endanger the security of personal data, said: “As someone who has been working on data security for 25 years, I regret to say that we are just at the beginning. If measures to increase data security are not tightened and standard and reliable products are not respected, we will suffer more damage as a country in this regard.”

Stating that identity security, application security, server security or the security of communication channels alone may be insufficient, Koyun said, “Most of the time, a third-party component or a service used in applications can cause serious security vulnerabilities in an application where all security measures have been taken and pave the way for cyber attacks.” Emphasizing that institutions that hold millions of people’s data need to be more sensitive about the security solutions they use, Koyun said, “You cannot provide patch-like security by bringing together a few open source solutions taken from right and left. There are more than 2 thousand Android versions on the market. When you provide security, you have to cover all of these devices.”

Stating that security has become an obligation rather than an optional feature in the digital era, Koyun continued: “Although certain measures are taken at the individual or corporate level, it is not possible to provide complete protection without having an end-to-end security infrastructure. As KOBIL, we promise a safe future to our users and business partners in this field with the innovative security solutions we offer. As KOBIL, our mission is not only to provide protection against current threats, but also to provide an infrastructure that has been pre-empted against threats that may arise in the future. With the power of our technology and expertise, we will continue to help companies move forward safely in their digital ecosystems.”

MORE THAN 380 THOUSAND CYBER ATTACKS HAVE BEEN EXPERIENCED IN TURKEY

According to the report published by the World Economic Forum in recent months, cyber attacks increased by 75 percent in the third quarter of 2024 compared to the same period in 2023.

In Turkey, more than 380 thousand cyber attacks were made in the first half of 2024 alone.

WHAT IS AN API KEY?

According to the detail on Amazon’s page, an API key is an alphanumeric string that API developers use to control access to their APIs.

While an API is defined as a communication mechanism that allows data exchange between two software modules, the API key defines authorized API usage so you can more efficiently protect, manage and monetize your APIs.

* The image of the news was provided by Shutterstock.
