Millions of users of the Yemeksepeti app are concerned about their personal data after the news claimed that it had been hacked. Users’ personal data was made available for sale in exchange for Bitcoin eight months ago when Yemeksepeti was subjected to another cyber assault. Following the attack that happened 8 months ago, Nevzat Aydin, the former CEO and founder of Yemeksepeti, apologized and stated the following:
“We are continuing to make all developments so that a similar incident does not happen again.”
If the allegations are true, it seems that Yemeksepeti has not done enough to prevent data leaks from happening again.
Hacker group reached journalists
The hacker group, which allegedly hacked Yemeksepeti, first reached Nevzat Aydın. Afterwards, they shared these talks with names such as Recep Baltaş and Mesut Çevik, prominent tech journalists.
Yemeksepeti hacklenmiş. Adamlar doğrudan adresimi yolladılar, yuh! Mailde Nevzat A.'nın bilgileri de var. Hesabı sildirmeden önce oldu demek. İyi ki çıkmışım ama geç kalmışız…#yemeksepeti pic.twitter.com/hrJikYXi7n
— Recep Baltaş (@buckberi) November 15, 2021
“Yemeksepeti is hacked. The guys sent my address directly! Nevzat A.’s information is also included in the mail. It means it happened before I deleted the account. Good thing I’m out but we’re late…”
— Mesut Çevik (@mesutcevik) November 15, 2021
I think the data is leaked again. I just got an e-mail. @yemeksepeti will you make a statement about this? @KVKKurumu @BTKgovtr
The hacker group also reached out to journalist İbrahim Haskoloğlu. İbrahim Haskoloğlu, on the other hand, asked the attackers to send his address and phone number to prove the allegations. According to Haskoloğlu’s statements, the hackers shared the correct address and number with him.
Hackers’ ransom conversations with Nevzat Aydın
Mesut Çevik shared the e-mail in which the hackers explained the conversation they had with Nevzat Aydın.
The hacker group added Nevzat Aydın’s personal data to the end of the e-mail.
Yemeksepeti’s statement about the data leak
Yemeksepeti refuted allegations on Tuesday that its database had been hacked by hackers demanding ransom, noting that the company’s website and mobile application have been used to deliver meals for years.
Yemeksepeti said in an early Tuesday tweet that “some ill-minded” individuals contacted the firm and made threats to release unverified data linked with the platform, demanding ransom in exchange.
It is impossible for Yemeksepeti to even consider evaluating such illegal demands, the company said, adding all related public institutions were informed of the incident and legal processes were launched.
Yemeksepeti also stated that customer data security is of utmost importance for the firm, noting that no breaches or thefts were discovered after extensive investigations. If a data theft occurs, Yemeksepeti plans to pursue a transparent and legal procedure.
The hacker group reached out to Recep Baltaş and commented on Yemeksepeti’s statement.
Hackers, on the other hand, reaffirmed their statement and accused Yemeksepeti of lying since the firm has no idea how the breach occurred, warning that if their demands are not met, they will expose employee addresses and phone numbers within a week.
It was noteworthy that those who claimed to have hacked Yemeksepeti also gave their contact information in the dialogues on Twitter. Considering this situation, Yemeksepeti needed to make a more detailed explanation. The current explanation, unfortunately, does not sound very convincing.