Uzbekistan Cyberattack Exposes 60,000 Data Records, Not 15 Million as Initially Claimed
On 12 February, Uzbekistan’s Digital Technologies Minister Sherzod Shermatov clarified the scope of a recent cyberattack targeting three undisclosed government agencies between 27 and 30 January. Contrary to viral social media claims suggesting the leak of 15 million citizens’ personal data, the breach exposed 60,000 unique data records a figure representing individual data points (e.g., names, birthdates, or addresses) rather than the number of affected individuals.
Shermatov confirmed that while hackers successfully accessed certain systems, the incident did not constitute a mass compromise of citizen accounts. The attackers were described as skilled and sophisticated, but the ministry emphasized that the exposure was limited, with no evidence of full digital identities being stolen. Law enforcement is investigating the types of data accessed.
The attack occurs amid a surge in cyber threats against Uzbekistan, with over 107 million attempted intrusions prevented in 2025 up from 7 million in 2024. Projections for 2026 estimate 200 million potential attacks, reflecting the country’s expanding digital infrastructure and growing appeal to global threat actors.
In response, authorities blocked further unauthorized access and strengthened security for OneID, Uzbekistan’s centralized digital identity platform. New measures require citizens to personally authorize data access by banks, telecoms, and other entities, shifting control to users. While fraudsters cannot fully impersonate individuals with partial data, officials warned of secondary scams, such as social engineering attacks leveraging exposed details to trick victims into revealing sensitive information.
The incident underscores the risks of misinformation in cybersecurity reporting and the need for transparency in assessing breach impacts. For Uzbekistan, the attack serves as a catalyst for enhanced vigilance, while globally, it highlights the persistent threat of cybercrime in rapidly digitizing economies.
Source: https://thecyberexpress.com/uzbekistan-cyberattack-limited-to-60k-records/
Government of Uzbekistan TPRM report: https://www.rankiteo.com/company/the-ministry-for-development-of-itc-of-the-republic-of-uzbekistan
"id": "the1770978433",
"linkid": "the-ministry-for-development-of-itc-of-the-republic-of-uzbekistan",
"type": "Breach",
"date": "1/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Public Sector',
'location': 'Uzbekistan',
'name': 'Three undisclosed government agencies',
'type': 'Government'}],
'customer_advisories': 'Warning about secondary scams and social engineering '
'attacks leveraging exposed details',
'data_breach': {'number_of_records_exposed': '60,000',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'Personally identifiable information '
'(partial)',
'type_of_data_compromised': ['Names',
'Birthdates',
'Addresses']},
'date_detected': '2025-01-27',
'date_publicly_disclosed': '2025-02-12',
'description': 'On 12 February, Uzbekistan’s Digital Technologies Minister '
'Sherzod Shermatov clarified the scope of a recent cyberattack '
'targeting three undisclosed government agencies between 27 '
'and 30 January. The breach exposed 60,000 unique data '
'records, contrary to viral social media claims suggesting the '
'leak of 15 million citizens’ personal data. The attackers '
'were described as skilled and sophisticated, with no evidence '
'of full digital identities being stolen.',
'impact': {'brand_reputation_impact': 'Potential secondary scams and social '
'engineering risks',
'data_compromised': '60,000 unique data records (e.g., names, '
'birthdates, or addresses)',
'identity_theft_risk': 'Partial data exposure (no full digital '
'identities stolen)',
'systems_affected': 'Three undisclosed government agencies'},
'investigation_status': 'Ongoing',
'lessons_learned': 'Risks of misinformation in cybersecurity reporting and '
'need for transparency in assessing breach impacts',
'post_incident_analysis': {'corrective_actions': 'Strengthened security for '
'OneID, user-controlled data '
'access authorization'},
'recommendations': 'Enhanced vigilance, user-controlled data access '
'authorization, and measures to prevent secondary scams',
'references': [{'date_accessed': '2025-02-12',
'source': 'Digital Technologies Minister Sherzod Shermatov'}],
'response': {'communication_strategy': 'Public clarification by Digital '
'Technologies Minister',
'containment_measures': 'Blocked further unauthorized access',
'law_enforcement_notified': 'Yes',
'remediation_measures': 'Strengthened security for OneID '
'(centralized digital identity '
'platform)'},
'stakeholder_advisories': 'Citizens to personally authorize data access for '
'banks, telecoms, and other entities',
'threat_actor': 'Skilled and sophisticated hackers',
'title': 'Uzbekistan Cyberattack Exposes 60,000 Data Records',
'type': 'Data Breach'}