Data Breach Exposes Over 3.6 Million Sensitive Records from Turkish App "Quran Kuran"
A significant data breach tied to the Turkish app "Quran Kuran" has resulted in the exposure of more than 3.6 million sensitive records, raising serious concerns regarding unauthorized surveillance and privacy infringements for millions of Muslim users. This alarming incident was initially reported by the Cybernews research team on August 15, 2023, when they discovered an unsecured Elasticsearch server that made the sensitive data accessible online without restriction.
The compromised information is directly associated with the Quran Kuran application, which has garnered over one million downloads from the Google Play Store. Developed by Sigma Telecom, a telecommunications company based in Istanbul, the app serves as a resource for users interested in studying the Quran, the sacred text of Islam, while also providing functionality related to prayer timings and practices.
Among the leaked data were extremely sensitive details including geolocation information, device and network identifiers, MAC addresses, subscriber IP addresses, and SIM serial numbers. Such exposure significantly heightens the risk for users as it opens potential avenues for identity theft and various cyber fraud schemes, as highlighted by Cybernews in their reporting.
The incident underscores prevailing vulnerabilities for religious and cultural communities. Notably, this is not the first time that data collected by prayer-related applications has been compromised. In 2020, reports revealed that the U.S. federal government had acquired cellphone location data linked to popular prayer apps, raising critical concerns over privacy and the potential for misuse of religious data. The American Civil Liberties Union (ACLU) characterized the accumulation of data from Muslim app users around the globe as a significant threat to both privacy and religious freedoms.
Viewed through the lens of the MITRE ATT&CK Matrix, several tactics are relevant to how this breach could have unfolded. Initial access could have been achieved through weaknesses in the server's configuration, which allowed unauthorized access to sensitive data. The lack of appropriate protections also leaves room for persistence, where an attacker maintains access over time, and for privilege escalation, where an attacker goes on to exploit the server's resources.
As more organizations rely on mobile applications for community engagement and support, this breach highlights the urgent need for robust cybersecurity measures. Business owners and app developers must prioritize data protection to safeguard users against similar incidents in the future. The nature of this breach serves as a reminder of the underlying risks associated with inadequate security practices in the tech ecosystem.
The importance of vigilance in data protection cannot be overstated, particularly for applications that serve a large user base, such as religious or community-focused platforms.