{"id":61676,"date":"2023-12-04T11:22:57","date_gmt":"2023-12-04T02:22:57","guid":{"rendered":"https:\/\/monolith.law\/tr\/?p=61676"},"modified":"2024-03-19T11:02:19","modified_gmt":"2024-03-19T02:02:19","slug":"information-leak-crisis-management","status":"publish","type":"post","link":"https:\/\/monolith.law\/tr\/general-corporate\/information-leak-crisis-management","title":{"rendered":"A Leak of 650,000 Records: Learning Crisis Management and the Role of Lawyers from Touken Corp"},"content":{"rendered":"\n<p>With the full entry into force of Japan&#8217;s Act on the Protection of Personal Information in 2005, businesses that handle personal information became obliged to take security management measures. Nevertheless, leaks of personal information continue unabated.<\/p>\n\n\n\n<p>When an information leak occurs, what matters most is how the incident is handled and how quickly. 
In small and medium-sized businesses in particular, which have no staff specializing in information security, there may be cases where it is not possible to decide immediately what should be done.<\/p>\n\n\n\n<p>In this article, we therefore use T\u014dken Corporation&#8217;s response to its information leak as the basis for explaining a crisis management system for information leaks.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Bilgi_Sizintisinin_Genel_Bakisi\"><\/span>Overview of the Information Leak<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>The information leak caused by unauthorized access at T\u014dken Corporation can be outlined as follows:<\/p>\n\n\n\n<ul>\n<li>Occurrence: the 24 days from August 20 to September 12, 2020<\/li>\n\n\n\n<li>Discovery: October 20, 2020<\/li>\n\n\n\n<li>Cause: unauthorized access by a third party, via the group&#8217;s website, to the server storing various user information<\/li>\n\n\n\n<li>Affected: people who made inquiries on the group companies&#8217; sites, members, and applicants to various campaigns<\/li>\n\n\n\n<li>Information: &#8220;e-mail address&#8221;, &#8220;name&#8221;, &#8220;address&#8221;, &#8220;telephone number&#8221;, &#8220;password&#8221;, &#8220;gender&#8221;, &#8220;date of birth&#8221;, etc.<\/li>\n\n\n\n<li>Count: a total of 657,096 personal information records that may have leaked<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Yasadisi_Erisimin_Ortaya_Cikisi_ve_Ilk_Tepki\"><\/span>Discovery of the Unauthorized Access and Initial Response<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>On October 20, 2020, during a routine inspection, Touken Corporation discovered unauthorized access to the &#8220;Nasluck Kitchen&#8221; website, which it operates, and took the following initial response.<\/p>\n\n\n\n<ul>\n<li>It shut down &#8220;Nasluck Kitchen&#8221; as an emergency security measure and stopped providing services through the site.<\/li>\n\n\n\n<li>It set up an &#8220;Information Security Countermeasures Center&#8221; and consulted external third-party organizations.<\/li>\n\n\n\n<li>By November 11 it had inspected all group websites, applied temporary fixes for the security vulnerabilities, and determined the maximum number of leaked records and the data items involved.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Ilk_Tepkinin_Onemli_Noktalari\"><\/span>Key Points of the Initial Response<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>When a risk of information leakage through unauthorized access is detected, you should immediately take the following measures to prevent the damage from spreading, secondary damage from occurring, and the incident from recurring.<\/p>\n\n\n\n<ul>\n<li>Confirming the facts (cause and route of the unauthorized access, etc.)<\/li>\n\n\n\n<li>Shutting down the device or site that was accessed without authorization<\/li>\n\n\n\n<li>Disconnecting the device or site that was accessed without authorization from the network<\/li>\n<\/ul>\n\n\n\n<p>The point to watch here is to avoid acting carelessly and to take evidence-preservation measures so that evidence remaining on the system is not erased.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/monolith.law\/wp-content\/uploads\/2021\/08\/Information-leak-crisis-management-2.jpg\" alt=\"\" class=\"wp-image-36554\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Bilgi_Sizintisinin_Ortaya_Cikmasinin_Ardindan_Basin_Bulteni\"><\/span>Press Release After the Information Leak Was Discovered<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>The first announcement was made on T\u014dken Corporation&#8217;s website on November 17, 2020.<\/p>\n\n\n\n<p>In addition to general information about the unauthorized access and future measures, the published material included a section titled &#8220;FAQ on the Information Leak Incident Caused by Unauthorized Access&#8221;, which set out the necessary information in considerable detail.<\/p>\n\n\n\n<blockquote 
class=\"wp-block-quote\">\n<p>T\u014dken Corporation and our group companies (hereinafter &#8220;our group companies&#8221;) confirmed on October 20, 2020 that a third party had gained unauthorized access to our group companies&#8217; network and that personal information, such as inquiries made to Home Mate, which our group companies operate, group company member information, and applications to various campaigns, may have leaked externally.<\/p>\n<\/blockquote>\n\n\n\n<p><a href=\"http:\/\/web.archive.org\/web\/20201117041922\/https:\/www.token.co.jp\/corp\/information\/about_unauthorized\/\" target=\"_blank\" rel=\"noreferrer noopener\">On the Leak of Personal Information Due to Unauthorized Access[ja]<\/a><\/p>\n\n\n\n<p>The document titled <a href=\"http:\/\/web.archive.org\/web\/20201117120104\/https:\/www.token.co.jp\/corp\/information\/about_unauthorized\/pdf\/bs2_related_inquiry_list.pdf#zoom=100\" target=\"_blank\" rel=\"noreferrer noopener\">&#8220;FAQ on the Information Leak Incident Caused by Unauthorized Access&#8221;[ja]<\/a>, which is linked from the web page above, covers the following topics.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Sizdirilan_Bilgilerin_Icerigi_Hakkinda\"><\/span>About the Content of the Leaked Information<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<blockquote class=\"wp-block-quote\">\n<p>Q What information was leaked this time?<br> A We believe that &#8216;name&#8217;, &#8216;address&#8217;, &#8216;telephone number&#8217;, &#8216;e-mail address&#8217; and &#8216;password&#8217; information was leaked from all the sites we operate, including those of our group companies.<\/p>\n<\/blockquote>\n\n\n\n<blockquote class=\"wp-block-quote\">\n<p>Q Was credit card information leaked?<br> A The sites we operate, including those of our group companies, hold no personal identification information such as credit card numbers or My Number (Japan&#8217;s individual identification number) whatsoever, so there is no risk of such information leaking.<\/p>\n<\/blockquote>\n\n\n\n<p>When describing leaked information, dividing it into two categories, \u2460 information that may have leaked and \u2461 information that is not at risk of leaking, can help prevent unnecessary anxiety and confusion.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/monolith.law\/wp-content\/uploads\/2021\/08\/Information-leak-crisis-management-1.jpg\" alt=\"\" class=\"wp-image-36553\" \/><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Gelecekteki_Onlemler_Hakkinda\"><\/span>About Future Measures<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<blockquote class=\"wp-block-quote\">\n<p>Q Can I continue to use T\u014dken Corporation&#8217;s sites, including those of its group companies, with confidence in the future?<br> A For all sites operated by us, including those of our group companies, security hardening against similar unauthorized access has now been completed.<\/p>\n<\/blockquote>\n\n\n\n<blockquote class=\"wp-block-quote\">\n<p>Q What kind of information management will be practised in the future?<br> A In the future, we will undergo audits by third-party audit organizations as necessary, immediately fix any site vulnerabilities or similar issues that are found, and strive for stricter information management.<\/p>\n<\/blockquote>\n\n\n\n<p>For future measures, it is important to explain in detail the security response for the site the users use, whether the site can be used again, and the future information management system.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Zarar_Tazminati_ve_Digerleri_Hakkinda_S_S\"><\/span>Q&amp;A on Damages and Other Matters<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<blockquote class=\"wp-block-quote\">\n<p>Q Will apology money or compensation for the inconvenience be paid to people affected by the information leak?<br> A Based on the information leaked through this unauthorized access, we have no plans to pay apology money or compensation for the inconvenience. However, if a customer has suffered financial loss as a result of this information leak and concrete evidence is presented, please contact our &#8216;Personal Information Consultation Center&#8217;.<\/p>\n<\/blockquote>\n\n\n\n<blockquote class=\"wp-block-quote\">\n<p>Q There is a withdrawal I do not recognize. Can I receive compensation?<br> A If a withdrawal the customer does not recognize has been made from the customer&#8217;s account, we ask the customer to contact the company that made the withdrawal directly. 
In addition, if it turns out that an unrecognized withdrawal was caused by and is connected to this information leak, we apologize for the inconvenience, but please notify our &#8216;Personal Information Consultation Center&#8217;.<\/p>\n<\/blockquote>\n\n\n\n<p>No apology money or compensation for the inconvenience will be paid, but compensation for financial loss caused by the information leak will be handled through individual consultation; the company&#8217;s policy is stated clearly.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/monolith.law\/wp-content\/uploads\/2021\/08\/c6ffb54c82db6b5f3fe161f7f5ec9b60.jpg\" alt=\"\" class=\"wp-image-35961\" \/><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Ilk_Basin_Bulteninin_Zamanlamasi_Uzerinde_Supheler_Kaliyor\"><\/span>Doubts Remain About the Timing of the First Press Release<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>In corporate crisis management, the priorities are preventing &#8220;the spread of damage&#8221;, preventing &#8220;secondary damage&#8221;, and &#8220;preventing recurrence&#8221;.<\/p>\n\n\n\n<p>Therefore, when an information leak comes to light, it is important to inform the people concerned as quickly as possible once the initial response has been made.<\/p>\n\n\n\n<p>Touken Corporation&#8217;s Q&amp;A carefully answers a wide range of anticipated questions, and it appears to have been carefully prepared in advance with experts such as lawyers. However, doubts remain about an announcement made roughly one month after the unauthorized access came to light.<\/p>\n\n\n\n<p>Of course, as a company you would want to make an announcement after investigating and taking countermeasures, but should the following four points not have been announced earlier, as a first report?<\/p>\n\n\n\n<ul>\n<li>The occurrence of the information leak and the people likely to be affected<\/li>\n\n\n\n<li>The content of the leaked personal information<\/li>\n\n\n\n<li>That there is no possibility that credit information, such as card numbers, leaked<\/li>\n\n\n\n<li>Future structure and schedule<\/li>\n\n\n\n<li>Contact point<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Bildirim_Raporlama_ve_Aciklamanin_Puf_Noktalari\"><\/span>Key Points of Notification, Reporting and Disclosure<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>When information has leaked, you need to consider, depending on the cause and the content of the information, notifying users, business partners and others, reporting to supervisory authorities or the police, and making a public announcement via your website or the media.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Suc_Olasiligi_Var_Ise\"><\/span>If There Is a Possibility of a Crime<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>If there is a possibility of a crime involving unauthorized access, it should be reported to the police immediately once the facts have been investigated and measures to preserve evidence have been taken.<\/p>\n\n\n\n<p>For example, in the case of T\u014dken Corporation, a damage report was submitted to the competent ministry, Japan&#8217;s Ministry of Land, Infrastructure, Transport and Tourism, and to the Aichi Prefectural Police Headquarters one day after the inspection of all the group&#8217;s websites was completed.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Kisisel_Kredi_Bilgilerinin_Sizma_Olasiligi_Var_Ise\"><\/span>If Personal Credit Information May Have Leaked<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>If My Number (Japan&#8217;s social security and tax number), credit card numbers, bank accounts, IDs or passwords may have leaked, the individual should be notified immediately and urged to stop using them, so that secondary damage is prevented.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Olcek_veya_Etki_Alani_Buyuk_Ise_veya_Tum_Ilgili_Kisilere_Bireysel_Bildirim_Yapilmasi_Zor_Ise\"><\/span>If the Scale or Scope of Impact Is Large, or If Individually Notifying Everyone Concerned Is Difficult<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Disclosure is made by publishing information on the website, issuing a press release, or similar means. However, where disclosure could cause the damage to spread, the decision should take into account factors such as the timing and audience of the disclosure.<\/p>\n\n\n\n<p>In addition, ensuring transparency and disclosing the facts as far as possible when making an announcement will not only increase trust in the company but also help to prevent the damage from spreading and similar incidents from occurring.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/monolith.law\/wp-content\/uploads\/2021\/08\/f5998b2ea88a59c00a098bca4bb90a2e.jpg\" alt=\"\" class=\"wp-image-35963\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Ikinci_Basin_Bulteninin_Yayinlanmasi\"><\/span>Publication of the Second Press Release<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>After the start of 2021, on February 9, 2021, T\u014dken Corporation published a second report on the personal information leak on its website, correcting the leaked information and the number of records.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote\">\n<p>As a result of a forensic investigation by a third-party organization, the leaked information was re-examined and some discrepancies were found. 
We therefore ask you to check the &#8216;Information by Site and Service&#8217; section in Appendix 1 again. (&#8230;) In addition, the number of leaked records has decreased from a maximum of 657,096 to a maximum of 655,488.<\/p>\n<\/blockquote>\n\n\n\n<p>Apart from the corrections above and the addition of topics such as how to respond to spam and suspicious e-mails, the basic content is almost the same as the first press release, and this publication was the last one.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Krizlere_Yanit_Verme_Merkezi_Olarak_Onlemler_Merkezi\"><\/span>The Countermeasures Center as the Hub of Crisis Response<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>After the unauthorized access was detected, T\u014dken Corporation set up an &#8220;Information Security Center&#8221; and worked to prevent recurrence in cooperation with external third-party organizations and the police.<\/p>\n\n\n\n<p>Although the structure of this organization is unclear, it is necessary to carry out not only system security measures but also communication with the affected users, media response, shareholder response, and assessment of legal liability at the same time, so the participation of external third-party organizations and experts such as the following is generally required.<\/p>\n\n\n\n<ul>\n<li>Major software companies<\/li>\n\n\n\n<li>Major specialist security vendors<\/li>\n\n\n\n<li>External lawyers with deep knowledge of cybersecurity<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Ozet\"><\/span>Summary<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>When a large-scale leak of more than 650,000 personal information records comes to light, as in this case, the &#8220;initial response&#8221;, &#8220;notification, reporting and disclosure&#8221; and &#8220;security measures&#8221; become important.<\/p>\n\n\n\n<p>Speed is required not only in the initial response but also in notifying and reporting to the police and the relevant ministries and in disclosure to the parties concerned (press release).<\/p>\n\n\n\n<p>However, if the wrong response is taken, you may face problems such as liability for damages, so rather than deciding on your own, we recommend consulting a lawyer with knowledge and experience in cybersecurity in advance.<\/p>\n\n\n\n<p>If you are interested in crisis management in Capcom&#8217;s malware-related information leak, we explain the details in the article below, so please take a look.<\/p>\n\n\n\n<p><a href=\"https:\/\/monolith.law\/corporate\/capcom-information-leakage-crisis-management\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/monolith.law\/corporate\/capcom-information-leakage-crisis-management[ja]<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Buromuz_Tarafindan_Alinan_Onlemler\"><\/span>Measures Taken by Our Firm<span 
class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Monolith Law Office is a law firm with a high level of expertise in IT and law in particular. Our firm provides contract drafting and review services in a variety of cases, from companies listed on the Tokyo Stock Exchange Prime Market to start-ups. If you have a concern, please refer to the article below.<\/p>\n\n\n\n<p><a href=\"https:\/\/monolith.law\/contractcreation\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/monolith.law\/contractcreation[ja]<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>With the full entry into force of Japan&#8217;s Act on the Protection of Personal Information in 2005, businesses that handle personal information became obliged to take security management [&hellip;]<\/p>\n","protected":false},"author":32,"featured_media":64527,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[18],"tags":[24,29],"acf":[],"_links":{"self":[{"href":"https:\/\/monolith.law\/tr\/wp-json\/wp\/v2\/posts\/61676"}],"collection":[{"href":"https:\/\/monolith.law\/tr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/monolith.law\/tr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/monolith.law\/tr\/wp-json\/wp\/v2\/users\/32"}],"replies":[{"embeddable":true,"href":"https:\/\/monolith.law\/tr\/wp-json\/wp\/v2\/comments?post=61676"}],"version-history":[{"count":3,"href":"https:\/\/monolith.law\/tr\/wp-json\/wp\/v2\/posts\/61676\/revisions"}],"predecessor-version":[{"id":64528,"href":"https:\/\/monolith.law\/tr\/wp-json\/wp\/v2\/posts\/61676\/revisions\/64528"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/monolith.law\/tr\/wp-json\/wp\/v2\/m
edia\/64527"}],"wp:attachment":[{"href":"https:\/\/monolith.law\/tr\/wp-json\/wp\/v2\/media?parent=61676"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/monolith.law\/tr\/wp-json\/wp\/v2\/categories?post=61676"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/monolith.law\/tr\/wp-json\/wp\/v2\/tags?post=61676"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}