Why One Hacker Is Facing 334 Years For 54 Credit Cards

Since the words “Turkish prison” are more or less synonymous with “terrifyingly awful conditions,” it is in some sense unsurprising that a Turkish hacker is currently looking at a 334-year sentence for stealing some credit card data. Whatever else can be said about the criminal justice system in Turkey, no one will ever accuse it of being insufficiently hardcore when it comes to meting out punishment.

Though, when computer crimes are being punished in multiple hundreds of years, one might question if perhaps the sentencing guidelines need a bit of work.

According to local reports, a 26-year-old hacker has been handed a 135-year sentence by a Turkish court, which will pair up nicely with the 199 years the same gentleman was sentenced to in 2013.

So, what did he do? Hack every bank in Turkey? Loot the national treasury? Almost accidentally start World War III “WarGames” style?

Not quite. Though his formal conviction is for “mass bank fraud,” it seems the hacker in question, Onur Kopçak, actually was convicted Sunday (Jan. 10) of obtaining and selling credit card information.

For a whole 11 cards. The other 199-year sentence was earned in concert with 11 other hackers with whom Kopçak stole card information from 43 bank customers. All in, Kopçak is facing about six years per credit card number he stole.

While some have noted that this punishment seems a bit outsized in relation to the crime, others have noted that Turkey’s traditional method of crime prevention is deterrence via draconian punishment; by making an extreme example, Turkey firmly sends the message that it does not want to be a host nation for the international brigade of cybercriminal nomads.

As a point of comparison, the longest sentence in the U.S. ever handed out for a similar crime was 20 years. It went to Albert Gonzalez — the hacker behind the TJX breach that exposed 90 million credit cards.


Latest Insights: 

The Payments 2022 Study: Building A High-Performance Payments Team For Fraud Detection, a PYMNTS collaboration with Stripe, examines how digital platforms of all sectors and sizes plan to develop their anti-fraud teams as part of their their broader growth and development strategies. Drawing from an extensive survey from approximately 250 payments heads at digital platforms in the U.S. and abroad, our study analyzes how poor anti-fraud capabilities can harm platforms’ long-term growth strategies, and how they can build high-performing teams to tackle these challenges.


To Top