{"id":6143,"date":"2019-07-18T13:10:07","date_gmt":"2019-07-18T10:10:07","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=6143"},"modified":"2019-11-15T14:26:53","modified_gmt":"2019-11-15T11:26:53","slug":"british-airways-fined","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/british-airways-fined\/6143\/","title":{"rendered":"Veri s\u0131z\u0131nt\u0131s\u0131n\u0131n maliyeti: 183 milyon \u00a3"},"content":{"rendered":"<p>Birle\u015fik Krall\u0131k Bilgi Komiserli\u011fi Ofisi (ICO), ge\u00e7en y\u0131lki veri kayb\u0131 nedeniyle British Airways firmas\u0131na 183 milyon $ para cezas\u0131 verece\u011fini bildirdi. Baz\u0131 a\u00e7\u0131lardan, Facebook&#8217;un Cambridge Analytica i\u00e7in ald\u0131\u011f\u0131 AB cezas\u0131 durumunun y\u00fczlerce kat\u0131. Bu yaz\u0131da nelerin yanl\u0131\u015f gitti\u011fini, cezalar aras\u0131nda neden bu kadar y\u00fcksek bir fark oldu\u011funu ve veri koruma hususunu \u00f6nceden d\u00fc\u015f\u00fcnmenin neden iyi bir fikir oldu\u011funu masaya yat\u0131raca\u011f\u0131z.<\/p>\n<h2>British Airways veri s\u0131z\u0131nt\u0131s\u0131 \u2014 neler yanl\u0131\u015f gitti?<\/h2>\n<p>Ge\u00e7ti\u011fimiz sonbaharda British Airways, kurulu\u015fun internet sitesi veya mobil uygulamas\u0131 \u00fczerinden bilet sat\u0131n alan veya biletlerini de\u011fi\u015ftiren ki\u015filere ait verilere 21 A\u011fustos ile 5 Eyl\u00fcl tarihleri aras\u0131nda d\u0131\u015far\u0131dan yasad\u0131\u015f\u0131 bir \u015fekilde eri\u015fildi\u011fini bildirdi. Korsanlar, yakla\u015f\u0131k 500.000 m\u00fc\u015fterinin bilgilerini \u00e7alm\u0131\u015ft\u0131. \u00c7al\u0131nan bilgiler aras\u0131nda, ma\u011fdurlar\u0131n internet \u00fczerinden doldurduklar\u0131 formlara girdikleri kullan\u0131c\u0131 ad\u0131 ve parola, ad ve adres, CVC kodlar\u0131 dahil banka kart\u0131 bilgileri gibi her t\u00fcrl\u00fc bilgi yer al\u0131yordu. <\/p>\n<p>Yap\u0131lan incelemede, British Airways&#8217;in finansal verileri \u00e7almak amac\u0131yla e-ticaret sitelerine k\u00f6t\u00fc ama\u00e7l\u0131 komut dosyalar\u0131 y\u00fckledi\u011fi bilinen Magecart adl\u0131 bir siber su\u00e7 grubunun sald\u0131r\u0131s\u0131na u\u011frad\u0131\u011f\u0131 sonucuna var\u0131ld\u0131. British Airways&#8217;e yap\u0131lan sald\u0131r\u0131 da farkl\u0131 de\u011fildi \u2014 korsanlar, \u015firketin internet sitesine k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mlar\u0131n\u0131 y\u00fcklemi\u015fti. Sadece mobil uygulama kullan\u0131c\u0131lar\u0131 etkilendi \u00e7\u00fcnk\u00fc uygulama, baz\u0131 i\u015flevleri do\u011frudan internet sitesinden y\u00fckl\u00fcyordu.<\/p>\n<h3>GDPR cezas\u0131 <\/h3>\n<p>Her ne kadar British Airways durumu gecikmeksizin bildirmi\u015f ve soru\u015fturmaya yard\u0131mc\u0131 olmu\u015f olsa da, \u015firket ceza \u00f6demekten kurtulamayacakt\u0131. GDPR d\u00fczenlemelerine g\u00f6re, Avrupa vatanda\u015flar\u0131n\u0131n ki\u015fisel verilerini i\u015fleyen kurulu\u015flar, veri g\u00fcvenli\u011fini sa\u011flamak i\u00e7in m\u00fcmk\u00fcn olan her \u015feyi yapmal\u0131d\u0131r. \u0130ncelemede tespit edildi\u011fi \u00fczere \u015firketin internet sitesi yeterince korunmuyordu. Olay\u0131n ard\u0131ndan ta\u015f\u0131ma \u015firketi do\u011fal olarak yeni savunma \u00f6nlemlerini uygulamaya sokmu\u015f olsa da, bu durum ya\u015fanan olaydaki sorumlulu\u011funu de\u011fi\u015ftirmedi.<\/p>\n<p>87 milyon kadar kullan\u0131c\u0131s\u0131n\u0131n verilerini s\u0131zd\u0131ran Facebook ise Avrupa&#8217;da sadece 500.000 \u00a3 para cezas\u0131 ile kar\u015f\u0131 kar\u015f\u0131ya kalm\u0131\u015ft\u0131. GDPR \u00f6ncesi 1998 y\u0131l\u0131nda \u00e7\u0131kar\u0131lan Veri Koruma Kanunu gere\u011fince bu rakam, izin verilen azami para cezas\u0131 tutar\u0131yd\u0131.<\/p>\n<h3>G\u00fcvenlik \u00f6nlemleri uygulaman\u0131n maliyeti, al\u0131nabilecek para cihaz\u0131ndan daha d\u00fc\u015f\u00fck<\/h3>\n<p>Ge\u00e7en y\u0131lki s\u0131z\u0131nt\u0131 nedeniyle BA&#8217;n\u0131n \u00f6demesi muhtemel olan para cihaz\u0131n\u0131n tutar\u0131 kesin de\u011fil: ICO, di\u011fer Avrupa veri koruma kurulu\u015flar\u0131 ve British Airways taraf\u0131ndan yap\u0131lan ba\u015fvurular\u0131 de\u011ferlendirecek. Yine de bu tutar g\u00f6sterge niteli\u011findedir. Gereken g\u00fcvenlik \u00f6nlemlerinin uygulanmas\u0131 ve bu olaylar\u0131n \u00f6nlenmesi, \u00e7ok daha ucuza mal oluyor. Avrupal\u0131 kullan\u0131c\u0131lar\u0131n \u00f6zellikle banka \u00f6deme bilgileri gibi ki\u015fisel verilerini i\u015fliyorsan\u0131z, bir an \u00f6nce hareket ge\u00e7menizi ve g\u00fcvenilir g\u00fcvenlik y\u00f6ntemlerini uygulamada gecikmemenizi tavsiye ederiz.<\/p>\n<p>\u0130nternet sitelerini online bilgi kopyalama komutlar\u0131ndan korumaya \u00f6zellikle dikkat edilmesini gerektiren e-ticaret ve online bankac\u0131l\u0131k hizmetlerinde \u00f6nleyici g\u00fcvenlik \u00f6zellikle \u00f6nem arz etmektedir. Kaspersky Doland\u0131r\u0131c\u0131l\u0131k \u00d6nleme platformumuz b\u00fcnyesinde, bir kullan\u0131c\u0131 oturumu s\u0131ras\u0131nda internet sitesinde meydana gelen olaylar\u0131 analiz etmenize olanak veren Otomatik Doland\u0131r\u0131c\u0131l\u0131k Analizi adl\u0131 bir \u00e7\u00f6z\u00fcm bulunmaktad\u0131r. Bu \u00e7\u00f6z\u00fcm, k\u00f6t\u00fc ama\u00e7l\u0131 komut dosyalar\u0131n\u0131n yerle\u015ftirilmesi dahil olmak \u00fczere \u00e7e\u015fitli \u00e7evrimi\u00e7i tehditleri tespit edebilmektedir. Kurumsal internet sitemizin Doland\u0131r\u0131c\u0131l\u0131k \u00d6nleme b\u00f6l\u00fcm\u00fcnde \u00e7\u00f6z\u00fcmle ilgili daha fazla bilgi bulabilirsiniz. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>British Airways, ge\u00e7en y\u0131lki veri ihlali nedeniyle rekor para cihaz\u0131 \u00f6deyebilir.<\/p>\n","protected":false},"author":2484,"featured_media":6144,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1726,1194],"tags":[1609,1957,851],"class_list":{"0":"post-6143","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-enterprise","8":"category-business","9":"tag-gdpr","10":"tag-para-cezasi","11":"tag-sizinti"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/british-airways-fined\/6143\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/british-airways-fined\/16139\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/british-airways-fined\/13649\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/british-airways-fined\/18035\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/british-airways-fined\/16173\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/british-airways-fined\/14927\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/british-airways-fined\/18853\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/british-airways-fined\/17604\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/british-airways-fined\/23078\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/british-airways-fined\/27580\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/british-airways-fined\/11949\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/british-airways-fined\/12008\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/british-airways-fined\/10964\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/british-airways-fined\/19683\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/british-airways-fined\/23589\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/british-airways-fined\/24005\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/british-airways-fined\/18663\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/british-airways-fined\/22957\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/british-airways-fined\/22896\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/gdpr\/","name":"GDPR"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/6143","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/2484"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=6143"}],"version-history":[{"count":5,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/6143\/revisions"}],"predecessor-version":[{"id":6759,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/6143\/revisions\/6759"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/6144"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=6143"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=6143"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=6143"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}