Popular Turkish Software Site ‘Gezginler’ Appears to Have Been Breached

Last updated June 23, 2021
Written by:
Bill Toulas
Bill Toulas
Cybersecurity Journalist

Someone is selling a database containing 600,000 user records that allegedly belong to ‘Gezginler.net’. The records contain usernames, email addresses, and hashed passwords (md5), and the seller is also offering a sample as proof of the database extraction. MD5 is a cryptographic hash function that is nowadays considered insecure, so if you have an account on Gezginler, or if you may be using the same credentials on another website, go ahead and reset your password as soon as possible.

Gezginler, a software download, and online flash games portal, doesn’t appear to be facing any issues. Moreover, they haven’t posted anything about a data breach on their social media channels. As such, we cannot confirm that the data which has appeared on the popular hacking forum does indeed come from Gezginler. We have reached out to the platform, and we will update this post as soon as we hear back.

The same forum user who is selling the Gezginler data has also posted another pack of data containing 92,999 user records that are, again, allegedly the result of a database extraction. The victim, in this case, is ‘websahibi.com’, another Turkish site belonging to a hosting and domain services company. The sample screenshot provided as proof shows full names, email addresses, cleartext passwords, telephone numbers, and physical addresses.

Clearly, this particular seller is focused on Turkish platforms, so we may see more databases from websites operating in the country appearing online soon. In the case of Websahibi, we have no confirmation from the company yet, so a data breach hasn’t been verified here either.

SQL database extraction incidents usually rely on the exploitation of an unpatched bug that allows back-end access. Using SQL injection to dump complete databases is a typical approach. Enumeration and extraction actions should be detected and stopped by security tools, but this is not always the case. The two Turkish websites that we see in these listings appear to be outdated, at least in terms of their user interface, so we wouldn’t be surprised if their security isn’t up to par.



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: