On April 27, an unknown hacker listed for sale the personal data of employees of the State Unitary Enterprise “Cybersecurity Center” of Uzbekistan on a platform used by cybercriminals and hackers for data trading.

According to the listing reviewed by Kun.uz, the hacker claims to have “successfully penetrated the internal systems of the Cybersecurity Center” and also “gained access to databases of the State Security Service (SSS) and intelligence personnel.”

As proof, the hacker published personal data of 100 Cybersecurity Center employees, including full names, positions within the organization, and personal identification code numbers. The published numbers are incomplete and described by the hacker as “particularly valuable data.”

The hacker alleges that the data obtained directly from internal databases, including the full list of Cybersecurity Center employees, is “significantly larger.” Additionally, the hacker claims to possess information that is “much more confidential” than what has already been released.

The hacker stated that if Uzbekistan’s official authorities want to “prevent the full publication of data,” they must pay $200,000. “Otherwise, new data will be leaked soon, leading to extremely negative consequences,” the listing reads in English and Russian.

The Cybersecurity Center responded, stating that according to preliminary investigation results, “the disseminated data does not correspond to reality.” “It should be noted that the internal information systems of the Cybersecurity Center have not been hacked, and such databases are not used,” the official statement said.

Center spokesperson Dilshod Turaev confirmed to a Kun.uz correspondent that the published personal data indeed belongs to employees. He noted that employees’ names and positions are also listed on the official website. However, the personal identification code numbers were not obtained through a breach of the Cybersecurity Center’s systems.

“It is obvious that this data is quite old. There may have been an attack on our employees’ payroll system or another server. We are now gradually checking possible sources of the leak. However, this is not a hack of the Cybersecurity Center’s systems,” Turaev said.

The center also reminded of Article 12-1, Part 2 of the Law “On Informatization,” which requires website owners to verify the accuracy of publicly available information before posting and to immediately remove it if inaccuracies are found.

The Cybersecurity Center said it will inform the public as new information about the incident emerges.

Data on such forums is typically obtained by hacker groups or independent cybercriminals. They often infiltrate internal networks through technical vulnerabilities in servers of government agencies or organizations. Another common method is sending fake links to employees to steal login credentials.

The most dangerous scenario is an insider—an employee with data access who cooperates for a reward. Extorting large sums for non-disclosure is a classic cyberblackmail method. According to experts, states usually do not pay in such situations, as it does not guarantee that the data will not be published later or sold to third parties.

Large-scale data thefts and data center breaches have increased in Uzbekistan’s digital space in recent years. In February, information spread on Reddit about personal data of citizens being leaked to the darknet from state information systems. Later, the Statistics Agency stated it was not related to census or agricultural data.

On February 12, Digital Technologies Minister Sherzod Shermatov confirmed that three government agencies were cyberattacked in January, resulting in the theft of about 60,000 personal records, not 15 million as initially claimed.

In December 2025, TechCrunch reported that due to a cybersecurity vulnerability, hundreds of cameras from traffic monitoring, facial recognition, and license plate recognition systems were exposed. The Traffic Safety Service stated the cameras were in test mode and no personal data leak occurred.

The largest data leak in Uzbekistan occurred in October 2023, when logins, passwords, and personal data of over 200,000 citizens were published. Data from OneID, the State Testing Center, as well as government, educational, search, and payment service websites were exposed.

The Cybersecurity Center noted that this posed real threats to information system security, adding that the data was collected not from a single system but accumulated by hackers through unlicensed software and exploitation of technical vulnerabilities.

Source: kun.uz