What is the scale of the Uzbekistan data leak?

Threat actors claim the leak involves the personal data of approximately 15 million citizens.

Which system was allegedly compromised in the Uzbekistan breach?

The breach is linked to the central OAuth authentication server, known as OneID, which manages access to government and banking services.

Did any government agency confirm the cyberattack?

Yes, the National Agency for Social Protection (IHMA) confirmed a cyberattack on its archival database, though other agencies have denied breaches of their systems.

What types of data were exposed in the leak?

The exposed data reportedly includes full names, PINFL identification numbers, passport details, home addresses, medical records, and workplace information.

What should affected citizens do to protect themselves?

Citizens are advised to change their OneID passwords, enable two-factor authentication, and monitor their financial accounts for unauthorized activity.

Incident

Uzbekistan Investigates Alleged Breach of Central E-Government Authentication Server

published: Feb. 5, 2026

Learn More

Uzbekistan's Cybersecurity Center launched an investigation on February 3, 2026, after reports of a massive data breach affecting approximately 15 million citizens. The incident centers on the alleged compromise of the state's central OAuth authentication server, known as OneID, which serves as the primary gateway for government portals and banking services.

Several agencies initially denied the breach, but the National Agency for Social Protection (IHMA) later confirmed a cyberattack on its archival database. The investigation began after links to stolen database files appeared on Reddit and various darknet forums.

Threat actors reportedly exploited vulnerabilities in the e-government (E-Gov) authentication infrastructure to gain unauthorized access to linked systems. By compromising the central OAuth server, attackers pivoted into databases belonging to the Ministry of Internal Affairs, the National Statistics Committee, and various financial institutions.

According to threat actor claims and preliminary reports, the compromised data includes:

Full names and 14-digit Personal Identification Numbers (PINFL)
Passport numbers and residential addresses
Phone numbers and email addresses
Medical histories and social protection records
Workplace information and mortgage interest rates
User photographs and account metadata

The hackers claim to have stolen records for 15 million individuals.

The Cybersecurity Center established an operational task force to analyze the breach and assess public risks. The National Agency for Social Protection confirmed the attack but emphasized that it primarily affected archival data. The exposure of current records is still being clarified.

Other agencies, including the State Tax Committee and the Statistics Agency, maintain that their primary systems remain secure and that census data is protected by encryption on isolated servers. Authorities have urged the public to rely only on official statements as the technical audit continues.

Experts recommend that all citizens immediately change their OneID passwords and enable two-factor authentication across on all platforms.

Uzbekistan Investigates Alleged Breach of Central E-Government Authentication Server

Read More
City of Helsinki reports data breach of its …
Transport Scotland Apologizes for Email Data Leak
Companies House Logic Flaw Leaks Data of Five …
Rhode Island's state government system hit by cyberattack
Bangladesh Election Commission Website Leak Exposes Data of …