The espionage case against Istanbul's imprisoned mayor Ekrem Imamoğlu expanded as Turkish prosecutors launched a sweeping investigation into the alleged leak of personal data belonging to millions of Istanbul residents through digital platforms, the report indicated.
According to Abdurrahman Şimşek from Sabah newspaper, the report by the National Cyber Incident Response Center (USOM) discovered that the data belonging to 3.7 million citizens was transferred from 20 municipal servers to foreign servers and later offered for sale on the dark web for $50,000. The report linked the breach to two projects "Istanbul Senin" (Istanbul Is Yours) and "Istanbul Hanem," both part of the Istanbul Metropolitan Municipality's (IBB) digital transformation initiative.
The investigation by the Istanbul Chief Public Prosecutor's Office's Counterterrorism Bureau found that personal data of about 11.3 million residents, including national ID numbers, family information, addresses, birth dates, phone numbers and polling details, were stored in files such as "hane_veri_mdm.csv" and shared among IBB employees through corporate emails. Some of these files were also sent to foreign companies.
Forensic analysis indicated that IBB databases were mirrored to international systems, with servers secretly integrated into networks based in Germany and the United States. "It has been determined that IBB databases were redirected to external systems using the mirror method. The findings pose a high risk in terms of personal data security," the expert report in the prosecution file stated.
Investigators uncovered that certain municipal IT personnel, who were not authorized to handle sensitive data, obtained technical assistance from abroad, enabling data redirection to external IP addresses. The alleged data transfer reportedly occurred on Nov. 10, 2023, at 1:23 a.m. via a server labeled "BIMSQLServer."
Moreover, further findings also revealed that up to 100 engineers from India-based Grootan Technologies accessed the municipality's servers remotely through VPN connections under the guise of "technical maintenance and analytics support." Experts said these connections indicated insider collaboration that compromised system security.
Prosecutors have launched proceedings against senior IBB officials, including Melih Geçek, Naim Erol Özgüner, Murat Ongun, Necati Özkan and Hüseyin Gün, on charges of "unlawful acquisition of personal data" and "political espionage."
The investigation continues, with authorities analyzing digital evidence and foreign system logs to trace the flow of data. The Istanbul Metropolitan Municipality, run by the main opposition Republican People's Party (CHP), has not yet issued an official statement regarding the allegations.
Imamoğlu, who was suspended from duty earlier on charges of corruption, was arrested for the crime of "political espionage" linked to terrorist groups and foreign states over the past weeks.
Investigators allege that during the 2019 local elections, Imamoğlu, his campaign advisor Necati Özkan and Hüseyin Gün who allegedly maintained ties with foreign intelligence services, collaborated to analyze voter districts, create voter profiles and leak confidential electoral data to foreign intelligence services, actions prosecutors classify as espionage. The stolen data, including private messages and internal correspondence, was used to provide Imamoğlu's campaign an unfair advantage.