A recent cyber attack targeting the information management system of Istanbul’s Bağcılar Training and Research Hospital has led to the exposure of all confidential medical records, including X-ray scans and test results, accumulated at the hospital since 2007. The attack, which occurred on April 12, inflicted substantial damage on the hospital’s visual archive and communication system.
Reports suggest that the hackers responsible for the breach demanded $200,000 in exchange for the stolen medical records. An anonymous employee attributed the data breach to the negligent attitude of hospital management, accusing them of attempting to cover up the scandal instead of taking responsibility.
The cyber attack resulted in the disappearance of every item stored in the visual archive system, as there was no backup available. Additionally, the Bilbest system, responsible for storing patient data, lost information equivalent to 12 days’ worth of records.
Efforts to address the issue are underway, with numerous information technology professionals engaged in resolving the situation. However, as of now, the Ministry of Health has not issued any official statement regarding the data leak.
The Bağcılar Training and Research Hospital, located in central Istanbul, provides free health services to approximately 5,000 patients daily and serves around two million patients annually.
This incident highlights the ongoing challenge of data security within Turkey’s public medical sector. It follows a nationwide data leak scandal in 2023, where hackers gained access to personal information of all citizens through the E-government system. The leaked data included names, surnames, names of relatives, addresses, phone numbers, bank account details, and property ownership documents.
