The information of 4.7 million people from the "Istanbul is Yours" application has been leaked to the dark web.

13.11.2025 00:58

In the indictment prepared as part of the investigation into the "Imamoğlu organized crime group" by the Istanbul Chief Public Prosecutor's Office, it was noted that the data of 4.7 million users of the application named "Istanbul Senin," developed as a result of a tender conducted by the Istanbul Metropolitan Municipality's Information Technology Department, was sent to websites based in the United States and Germany without their consent. It was also recorded that this data was leaked to the 'dark web' under the name "Powerful Greek Army."

The investigation into the 'corruption' allegations against Ekrem İmamoğlu, who was removed from his position as Mayor of Istanbul Metropolitan Municipality and arrested, has been completed. The indictment prepared includes a voice recording by a confidential witness named İlke, detailing the acquisition of citizens' personal data and ballot data through two applications of the IMM, and their leakage and analysis abroad and to private companies. The recording states that a total of 407 suspects, including 105 detained and 5 "complainant suspects," have been indicted in the investigation conducted by the Istanbul Chief Public Prosecutor's Office regarding the "criminal organization for profit" led by İmamoğlu.

ALLEGATION OF LEAKING CITIZENS' PERSONAL DATA, BALLOT DATA, AND LOCATION INFORMATION ABROAD

The indictment states that the 13th action falls under the crime of "providing, disseminating, or acquiring personal data to others," noting that the fundamental philosophy of the criminal organization established and managed by suspect Ekrem İmamoğlu is to use the illicit income obtained for "personal enrichment" and "financing politics."

The indictment notes that the organization aimed to transfer İmamoğlu from the Beylikdüzü Municipality to the Istanbul Metropolitan Municipality (IMM), seize the CHP, and make İmamoğlu a presidential candidate using the illicit income and political power they obtained. It is stated that through Murat Ongun, who has been part of the organization since Beylikdüzü and is appointed as a press advisor, and other members such as Necati Özkan and Melih Geçek, they combined the municipal service applications that citizens downloaded on their phones into a single application, creating the image of 'innovation' to influence society, interfere with citizens' daily routines, and determine the political preferences of the community by acquiring personal data and ballot data, combining citizens' location information, and leaking it abroad and to private companies, while using individuals who are not Turkish citizens during these activities.

ALLEGATION OF PROVIDING LOCATION-BASED TRACKING OF CITIZENS

The indictment includes evaluations regarding an examination of a phone conversation involving Murat Ongun and Serdal Taşkın: "It has been determined that suspect Mustafa Nihat Sütlaş appears to be the owner of a company named 'Reklamist,' which is actually owned by organization leader Murat Ongun, and that they plan to conduct an application through this company to obtain personal data of citizens for the purpose of first the IMM presidency and then the presidential candidacy, initially on a scale of Istanbul and then covering all of Turkey, to track citizens' habits, interest/reaction analysis, daily routines, behavioral profiling of Istanbul voters, and location-based tracking of citizens, thereby conducting systematic organizational propaganda activities aimed at ensuring the preference of organization leader İmamoğlu through political guidance segmentation."

The indictment includes findings from a report prepared by the National Cyber Incident Response Center (USOM): "It has been determined that personal data (name, surname, ID number), GSM, and location (latitude, longitude) of 3.7 million citizens, who are believed to have used the 'Istanbul Senin' application, were acquired by cyber attackers and shared/sold on illegal platforms. It has been determined that data such as latitude, longitude, altitude, IP, phone (brand, model, operating system), userld, and anonymousld belonging to citizens who are believed to have used the 'Istanbul Senin' application were recorded in real-time by the application and sent to websites based in the USA, such as Mixpanel (mixpanel[. ]com), Sentry (sentryf. Jio), and Adjust (adjustf. Jcom), which provide analytical and user behavior tracking services."

ALLEGATION THAT DATA OF 4.7 MILLION WAS LEAKED TO THE 'DARK WEB'

Additionally, the indictment states that the data of 4.7 million citizens was leaked to the 'dark web' under the name "Powerful Greek Army" through the 'Istanbul Senin' application.

The report included in the indictment also states that during the examination of the project named 'İBB Hanem,' which was made available for the use of field and advertising teams to collect citizens' requests and complaints and resolve any issues, it was determined that personal data belonging to 11,360,412 citizens, including identity (name, surname, ID number, mother's name, father's name, gender, date of birth, place of birth), address (province, district code), residence address (district name, neighborhood code, muhtarlık name, street number, avenue number, door number, apartment number), GSM, and ballot information, was found on the server where the application operates.

The indictment states that it was determined that personal data, including identity, address, phone numbers, and ballot information belonging to 11,360,412 citizens, was sent via email to a private company on November 8, 2023.

The indictment emphasizes that the act of acquiring personal data was intended to be carried out through the company named Reklamist, owned by organization leader Ongun, stating that "Impression pixels were placed in the background of advertisements given to news sites through programmatic buying methods, thereby collecting data from users reading negative news, and identifying users through Cookie IDs and advertising IDs to track their behaviors."

The indictment notes that under the title "Lemon Campaign," it was aimed to specifically target the audience reading news against İmamoğlu and guide them with manipulative content.

"THE REACTIONS OF CITIZENS TO IMAMOGLU'S ADS WERE RECORDED"

It was stated in the indictment that the aim was to record the reactions of citizens to Imamoglu's advertisements (turning their heads, ignoring, laughing, etc.) in real-time through cameras set up in the squares, and to transfer this data to a database by matching these reactions with advertisement IDs, with the goal of creating a political map of Istanbul and Turkey by accumulating these data sets.

In the indictment, it was emphasized that, in accordance with the letter sent by the Legal Affairs Department of the Personal Data Protection Authority, no permission was obtained to send the personal data obtained by the organized crime group established by Imamoglu abroad, and it was noted that it was determined that the 4.7 million citizens whose personal data were sent abroad within the scope of the investigation file did not have any KVKK permission in this context.

In the indictment, which emphasized that the data of 11 million 360 thousand 412 citizens were unlawfully obtained and leaked according to the USOM report, it was recorded: "It has been understood that political parties are data controllers as legal entities under Law No. 2820. In this context, it has been understood that the current domestic and foreign voter rolls were sent to the party headquarters at the request of the CHP General Center by the decision of the Supreme Election Council. As can be seen from the statement of the suspect Erol Naim Özgüner, who benefited from the effective remorse provisions, the place where this data was obtained was determined to be the legal entity of the CHP, and the data obtained from the YSK was leaked by the CHP responsible to third parties. It is established that the suspect Naim Erol Özgüner sent this data to suspects İsmet Korkmaz and Sezgin Paydaş, enabling the processing of other personal data, and it is confirmed that these were used by many people in the 2024 local elections."