From January 27 to 30, three government agencies in Uzbekistan were targeted by cyberattacks. According to Minister of Digital Technologies Sherzod Shermatov, the stolen data does not allow actions to be taken on behalf of a citizen without their participation, but could be used by fraudsters as a tool for deception.

On February 2, information spread about a leak of personal data of 15 million citizens of Uzbekistan. As reported by a Kun.uz correspondent, details of the cyberattack and its consequences were explained at a press conference at the Ministry of Digital Technologies.

Minister Sherzod Shermatov stated that from January 27 to 30, 2026, cyberattacks were carried out on the information systems of three government agencies. As a result, data of not 15 million, as reported on social media, but approximately 60,000 citizens were exposed.

According to official sources, to address the consequences of the cyberattack, unauthorized access to the information infrastructure was promptly restricted, and technical protection measures were strengthened.

Additionally, enhanced security measures have been implemented in the OneID Unified Identification System. A mechanism has been created to allow or restrict the transfer of personal data to other systems solely with the consent of the data owner.

It is emphasized that a "personal data leak" does not mean a breach of a citizen's personal account. It may involve the acquisition of specific information such as surname, name, date of birth, address, or phone number.

It is noted that even with such data, fraudsters cannot perform any actions on behalf of a citizen without their personal involvement. In this regard, they may make subsequent attempts to obtain additional information.

At the same time, the obtained data set could be used by malicious actors in the future as a means to mislead citizens.

Source: https://kun.uz/ru/news/2026/02/12/v-rezultate-kiberataki-raskryty-dannyye-pochti-60-tysyach-grajdan-sherzod-shermatov