• KGS/USD = 0.01144 0%
  • KZT/USD = 0.00207 0%
  • TJS/USD = 0.10407 -0.29%
  • UZS/USD = 0.00008 0%
  • TMT/USD = 0.28571 0%
  • KGS/USD = 0.01144 0%
  • KZT/USD = 0.00207 0%
  • TJS/USD = 0.10407 -0.29%
  • UZS/USD = 0.00008 0%
  • TMT/USD = 0.28571 0%
  • KGS/USD = 0.01144 0%
  • KZT/USD = 0.00207 0%
  • TJS/USD = 0.10407 -0.29%
  • UZS/USD = 0.00008 0%
  • TMT/USD = 0.28571 0%
  • KGS/USD = 0.01144 0%
  • KZT/USD = 0.00207 0%
  • TJS/USD = 0.10407 -0.29%
  • UZS/USD = 0.00008 0%
  • TMT/USD = 0.28571 0%
  • KGS/USD = 0.01144 0%
  • KZT/USD = 0.00207 0%
  • TJS/USD = 0.10407 -0.29%
  • UZS/USD = 0.00008 0%
  • TMT/USD = 0.28571 0%
  • KGS/USD = 0.01144 0%
  • KZT/USD = 0.00207 0%
  • TJS/USD = 0.10407 -0.29%
  • UZS/USD = 0.00008 0%
  • TMT/USD = 0.28571 0%
  • KGS/USD = 0.01144 0%
  • KZT/USD = 0.00207 0%
  • TJS/USD = 0.10407 -0.29%
  • UZS/USD = 0.00008 0%
  • TMT/USD = 0.28571 0%
  • KGS/USD = 0.01144 0%
  • KZT/USD = 0.00207 0%
  • TJS/USD = 0.10407 -0.29%
  • UZS/USD = 0.00008 0%
  • TMT/USD = 0.28571 0%
Menu
Search
26 March 2026
Menu

Viewing results 1 - 6 of 5

Online Safety

Uzbek Minister Says No Evidence of 15 Million Citizens’ Data Leak

In early February, The Times of Central Asia reported that the personal data of Uzbek citizens may have been leaked from government information systems and circulated on darknet forums. The report followed online discussions alleging that databases linked to state institutions were being distributed via anonymous platforms. According to posts shared on Reddit, links to online repositories, including darknet resources, allegedly contained data obtained from Uzbek state institutions. Some users claimed the breach could involve the personal information of up to 15 million citizens. The allegations quickly spread across social media, prompting public concern and official responses. On February 12, a press conference was held at the Ministry of Digital Technologies, attended by journalists, media representatives, and members of the public. Minister of Digital Technologies Sherzod Shermatov addressed the reports, stating that the issue had become the subject of widespread discussion in recent days. Shermatov emphasized that information security and personal data protection remain state policy priorities. He said authorized bodies had conducted research immediately after the reports emerged and presented preliminary findings based on technical analysis. According to officials, cyberattacks targeted the information systems of three state agencies between January 27 and 30. However, the claim that data relating to 15 million citizens had been leaked was not confirmed during the initial assessment. Authorities stated that the number of potentially affected records appears to be closer to 60,000, rather than the figure circulating on social networks. During the briefing, officials placed the situation in an international context. They noted that with the rapid expansion of digitalization worldwide, cyberattacks have increased even in technologically advanced countries. In 2025 alone, global losses from cybercrime reportedly reached $10.5 trillion, while more than 16 billion user records were compromised from major corporate platforms. Media reports have described large-scale breaches in several countries, including China, the United States, the United Kingdom, and Indonesia over the past two years. Uzbek officials stressed that the key challenges in such cases are early detection, rapid response, and damage mitigation, followed by strengthening protective systems. They reported that in 2024 more than seven million cyber threats were neutralized through national cybersecurity nodes. In 2025, that figure exceeded 107 million, reflecting both increased activity in cyberspace and expanded monitoring capacity. To contain the recent incident, authorities said unauthorized access to information infrastructure was blocked. Passwords for users of the Unified Identification System, known as OneID, were reset, and additional technical safeguards were introduced. Officials added that new measures now allow users to control whether their personal data can be shared with other systems based on individual consent. Explaining the concept of a personal data leak, officials clarified that it does not automatically mean a citizen’s private account has been hacked. In many cases, limited data, such as a name, date of birth, address, or phone number, may be exposed. On its own, such information does not enable fraudsters to act on behalf of an individual without additional verification data. However, it may be used in social engineering schemes. Authorities...

Cyber Security

Kazakhstan Confronts Major Data Leak in High-Stakes Security Crackdown

A detective thriller worthy of a Hollywood script is quietly playing out in the daily lives of Kazakhstani citizens, one with implications for nearly every household. At its core lies the largest leak of personal data in Kazakhstan’s history, unfolding across Almaty and Astana. The incident touches on something deeply personal: data that could be weaponized by fraudsters for illicit gain. Sixteen Million Records Exposed In early June, the Telegram channel SecuriXy.kz, known for its cybersecurity reporting, revealed a massive breach of Kazakh citizens' personal data. "A CSV file containing the personal data of Kazakh citizens, containing 16.3 million lines, has been discovered. The table contains the following fields: Last name, First name, Middle name, Gender, Date of birth, ID number, IIN [Bank Identification Number], Mobile phone number, Work phone number, Home phone number, Citizenship, Nationality, Address, Confirmed address, Start and end dates of residence," the channel stated. The analysis identified 16,302,107 records, 16.9 million unique phone numbers, and 15,851,699 unique individual identification numbers (IINs), the number of citizens whose information had been compromised. “The ‘address’ field often contains the addresses of dental clinics, polyclinics, the Tax Committee, universities, and other organizations,” the channel noted. The leak included highly sensitive personal data such as contact details and IINs, which the channel warned could be used for: “Phishing, social engineering, document forgery, and telephone fraud.” The data appears to have been compiled over a significant period. SecuriXy.kz reported that, “Most of the records were entered into the system after 2011,” with over two million added in 2022 alone. Data from 2023-2024 also appears, underscoring the leak's relevance. The revelation sparked swift reactions from officials. The Ministry of Digital Development, Innovation, and Aerospace Industry (MCIAI) released a statement confirming an investigation in collaboration with law enforcement and intelligence agencies. “It should be noted that the initial analysis indicates that the information may have originated from private information systems. No hacker attacks or leaks of personal data from state information systems have been recorded at this time. It is premature to draw final conclusions or confirm the accuracy of the information until the investigation is complete,” the ministry stated, adding that similar past incidents often involved outdated data compiled by service sector firms or microfinance institutions. “The ministry is monitoring the situation," the authorities concluded. "Additional information will be posted after the investigation is complete.” Cybersecurity experts, however, were less dismissive. Enlik Satieva, vice president of the TSARKA Group, a cybersecurity firm affiliated with the government, stressed the seriousness of the breach. "These are not just names," she stated. "The published database contains the most important personal data of citizens. In particular, it includes surnames, first names, patronymics, gender, dates of birth, IINs, citizenship, nationality, residential addresses, registration and residence periods, as well as mobile, home, and work phone numbers." Satieva suggested that some of the data may have been sourced from medical organizations, and that the leak might stem from a specific entity or multiple sources linked through IINs. Criminal Case and Contradictions...

Cyber Security

Personal Data of 16 Million Kazakh Citizens Leaked

Kazakhstan has experienced one of the most extensive personal data breaches in its history. According to Olzhas Satiev, President of the Center for Analysis and Investigation of Cyber Attacks (CARKA), over 16.3 million records, representing nearly the entire population, have been made publicly accessible. Scope of the Breach The compromised data includes surnames, first names, patronymics, gender, date of birth, individual identification numbers (IIN), addresses, phone numbers, citizenship, ethnicity, and other sensitive details. The source of the leak has not been identified. Experts suggest it may be a compilation of previously hacked databases redistributed via closed Telegram channels. Alternatively, it could stem from a new, as yet undetected breach. “This is one of the largest leaks. An investigation is currently underway. We are awaiting information from the technical service of the National Security Committee (KNB),” said Satiev. Government Response and Ongoing Investigation The Ministry of Digital Development, Innovation and Aerospace Industry (MCIA) stated that it is closely monitoring the incident. The ministry’s Information Security Committee, in cooperation with law enforcement and intelligence agencies, is analyzing the leaked data and verifying its relevance. Initial assessments suggest the breach likely originated from private information systems. The MCIA emphasized that no cyberattacks on government databases have been detected. “It is premature to draw final conclusions or confirm the accuracy of the leaked information until the investigation concludes,” the ministry said. Individuals affected by the leak will be notified through the e-government portal. The ministry also noted that previous leaks involved outdated information sourced from microfinance organizations and other commercial entities. Combating the Shadow Data Market Separately, the Ministry of Internal Affairs recently dismantled an organized group involved in the illegal sale of personal data. Authorities say the group accessed state databases and distributed information through Telegram channels, often in cooperation with debt collection agencies. More than 140 individuals, including channel administrators and company executives, were detained. Five suspects remain in custody. Investigators seized over 400 pieces of computer and electronic equipment. “The information was obtained from state databases and distributed through Telegram channels. Work is ongoing to identify all parties involved,” said Zhandos Suinbay, head of the Interior Ministry’s cybercrime division. Criminal proceedings have been launched under Articles 205 (unlawful access to information), 147 (violation of privacy), and 211 (distribution of restricted data) of the Criminal Code of Kazakhstan. The Interior Ministry vowed to intensify efforts to prevent further data breaches and urged citizens to be cautious, particularly when sharing personal information or using unsecured digital platforms.

Close