Uzbekistan investigates alleged leak of state employee data on underground forums

The data was advertised on April 27 on a platform commonly used by cybercriminals to trade stolen information. In the listing, the hacker said they had gained access to the state-run Cyber Security Center's internal systems and to databases allegedly linked to the State Security Service and intelligence personnel.

As evidence, the hacker released what they described as personal details of 100 employees, including names, job titles, and partially masked personal identification numbers. The individual said the full dataset was significantly larger and included more confidential material.

The post, written in English and Russian, warned that unless Uzbek authorities paid $200,000 to prevent further disclosures, additional data would be released, potentially causing “serious consequences.”

The Cyber Security Center denied its systems had been compromised, saying preliminary findings indicated the circulating claims were inaccurate.

“The internal information systems of the Cyber Security Center have not been breached, and such databases are not maintained,” the center said in a statement.

A spokesperson for the agency, Dilshod Turaev, told Kun.uz that the published data did correspond to real employees. He said names and job titles were already publicly available, while the identification numbers were not obtained through a breach of the center’s systems.

“The data appears to be outdated. It is possible that other systems, such as payroll or external servers, were targeted,” Turaev noted, adding that an investigation into the source of the leak was ongoing.

Cybersecurity experts say stolen data circulating on underground forums is typically obtained through exploiting technical vulnerabilities or phishing attacks designed to capture login credentials. In some cases, insiders with authorized access may also be involved.

Extortion demands tied to data leaks are a common tactic, though governments generally do not pay, as this does not guarantee the information will not be released or resold.

Uzbekistan has seen a rise in cyber incidents in recent years. In February, officials confirmed that three government agencies had been targeted in attacks, with around 60,000 personal records compromised.

In 2025, researchers reported that hundreds of surveillance cameras in the country had been left exposed online due to a security flaw, though authorities said the systems were in testing mode and denied any data breach.

A major incident in October 2023 resulted in the online leak of login credentials and personal data linked to more than 200,000 citizens, affecting multiple government and educational platforms.

An unknown hacker has claimed to have breached the internal systems of the Cyber Security Center and published personal data of 100 employees, offering additional, more sensitive information for sale at $200,000.