Uzbek Minister Says No Evidence of 15 Million Citizens’ Data Leak

In early February, The Times of Central Asia reported that the personal data of Uzbek citizens may have been leaked from government information systems and circulated on darknet forums. The report followed online discussions alleging that databases linked to state institutions were being distributed via anonymous platforms. According to posts shared on Reddit, links to online repositories, including darknet resources, allegedly contained data obtained from Uzbek state institutions. Some users claimed the breach could involve the personal information of up to 15 million citizens. The allegations quickly spread across social media, prompting public concern and official responses. On February 12, a press conference was held at the Ministry of Digital Technologies, attended by journalists, media representatives, and members of the public. Minister of Digital Technologies Sherzod Shermatov addressed the reports, stating that the issue had become the subject of widespread discussion in recent days. Shermatov emphasized that information security and personal data protection remain state policy priorities. He said authorized bodies had conducted research immediately after the reports emerged and presented preliminary findings based on technical analysis. According to officials, cyberattacks targeted the information systems of three state agencies between January 27 and 30. However, the claim that data relating to 15 million citizens had been leaked was not confirmed during the initial assessment. Authorities stated that the number of potentially affected records appears to be closer to 60,000, rather than the figure circulating on social networks. During the briefing, officials placed the situation in an international context. They noted that with the rapid expansion of digitalization worldwide, cyberattacks have increased even in technologically advanced countries. In 2025 alone, global losses from cybercrime reportedly reached $10.5 trillion, while more than 16 billion user records were compromised from major corporate platforms. Media reports have described large-scale breaches in several countries, including China, the United States, the United Kingdom, and Indonesia over the past two years. Uzbek officials stressed that the key challenges in such cases are early detection, rapid response, and damage mitigation, followed by strengthening protective systems. They reported that in 2024 more than seven million cyber threats were neutralized through national cybersecurity nodes. In 2025, that figure exceeded 107 million, reflecting both increased activity in cyberspace and expanded monitoring capacity. To contain the recent incident, authorities said unauthorized access to information infrastructure was blocked. Passwords for users of the Unified Identification System, known as OneID, were reset, and additional technical safeguards were introduced. Officials added that new measures now allow users to control whether their personal data can be shared with other systems based on individual consent. Explaining the concept of a personal data leak, officials clarified that it does not automatically mean a citizen’s private account has been hacked. In many cases, limited data, such as a name, date of birth, address, or phone number, may be exposed. On its own, such information does not enable fraudsters to act on behalf of an individual without additional verification data. However, it may be used in social engineering schemes. Authorities...

Uzbekistan Probes Alleged Personal Data Leak from State Information Systems

Reports circulating on social media and Reddit have raised concerns that the personal data of Uzbek citizens may have been leaked from government information systems and shared on darknet forums. In response, several state agencies have issued statements confirming that investigations are underway, and that their systems remain secure. According to posts shared on Reddit, links were posted to online platforms, including darknet sites, allegedly containing data from Uzbek state institutions. Some users claimed the leak could involve personal information on as many as 15 million citizens. These claims quickly gained traction across social media, prompting official responses. On February 3, Uzbekistan’s Cybersecurity Center acknowledged the reports and confirmed that it had launched an investigation. “In recent days, messages have been observed on social networks about the alleged dissemination of personal data of Uzbek citizens from certain state information systems,” the Center said in a statement. It added that a comprehensive review is ongoing and that further details would be shared upon completion of the inquiry. The Center also issued guidance to the public, urging citizens not to disclose personal information to third parties, to use complex usernames and passwords when accessing state and other digital systems, and to avoid entering data through suspicious links. In response to public speculation that information from the recent population and agricultural census may have been compromised, the Statistics Agency also issued a statement. It affirmed that all data collected during the online census, conducted between January 15 and 31, is securely stored. “All collected data are kept in encrypted form on a separate server. There is no reason for concern regarding the safety of census-related information,” the agency said. The State Tax Committee similarly denied any breach involving its systems. Addressing claims circulating on social media and various websites, the committee said it had implemented all necessary cybersecurity measures and that its interactive services and systems were functioning normally and without interruption. The Ministry of Internal Affairs echoed these reassurances, stating that the integrity of its information systems is fully intact. The ministry confirmed that no unauthorized access to personal data under its control had been detected. Authorities emphasized that investigations are ongoing and urged the public to rely on official sources for updates as checks continue.