Uzbekistan Confirms Data Leak Affecting 60,000 Citizens

Uzbekistan’s Ministry of Digital Technologies has confirmed that personal data belonging to around 60,000 citizens was compromised following cyberattacks on three state information systems.

The disclosure was made during a press conference attended by Digital Technologies Minister Sherzod Shermatov. The attacks took place between January 27 and 30.

Earlier reports circulating on social media had claimed that data belonging to 15 mln citizens had been leaked. The ministry rejected those claims as false.

Shermatov said unauthorised access to the affected information infrastructure had been blocked. User passwords for the unified identification system OneID were updated and additional safeguards were introduced to strengthen the protection of technical equipment.

The minister stressed that a personal data leak does not necessarily mean that individual accounts were hacked. In most cases, fraudsters obtain limited information such as a name, date of birth, address or phone number.

He warned that criminals cannot use such data independently but may attempt to trick citizens into providing further details, for example by posing as bank employees and requesting SMS verification codes.

Authorities advised citizens to use strong passwords and change them regularly. Two-factor authentication should be enabled for OneID and other online services. People were urged not to share passwords, SMS codes or bank card details with anyone.

Officials also cautioned against clicking on suspicious links and recommended verifying information only through official websites and applications. Citizens were further advised not to trust fake photos or videos of public figures or accounts created in their names.