On April 27, an ad appeared on one of the darknet marketplaces offering for sale information that the author presented as the personal data of Cybersecurity Center employees. He claimed an alleged “breach of internal systems” and, as “proof,” published a fragment of information on 100 people.

The ad mentioned first and last names, job titles, as well as partially redacted PINFL numbers. In addition, the author asserted that he had larger datasets and “more confidential” information, priced them at $200,000, and threatened further publications.

The Cybersecurity Center stated that there was no leak. According to the agency, a preliminary investigation showed that internal information systems had not been hacked, and that databases of this kind are not used at the institution.

At the same time, according to Kun.uz, in a comment to the outlet the Center confirmed that the individuals mentioned in the publication are indeed its employees. However, the institution emphasizes that the information was not obtained as a result of hacking its internal systems.

“The published data show that it is quite old. Possibly, the attack could have targeted a payroll system or information on another server. We are currently checking potential sources of the leak one by one. However, this is not a hack of the Cybersecurity Center’s systems,” the institution said.

As the Center’s press secretary Dilshod Turaev уточнил, some of the information—last names and job titles—is publicly available on the official website. At the same time, he said, PINFL numbers could not have been obtained as a result of compromising the Center’s systems.