Skip to main content

Data leak of Kazakhstan citizens from a hacker forum

Submitted by Вера Александрова on

There has been a data leak in Telegram – a user under the pseudonym «emo» has posted the full database of the hacker forum BreachForums online. 

According to bluescreen.kz, the forum operated from 2022 to 2023. It was used to trade malware and stolen data. It is believed that there were 15 hackers from Kazakhstan registered on BreachForums.

The TSARKA Cyber Attack Analysis and Investigation Centre is analysing the leak, and it is already known that it includes all data up to 29 November 2022, including user IDs, hashed passwords, private messages, cryptocurrency addresses used to purchase forum credits, and all messages on the site.

Kazakhstani resources have also been found among the leaked data:

  • Leak of a service station management database - Russia and Kazakhstan - SQL backup, access and SCADA;
  • Data from the transport and logistics company Spark;
  • Leak of the database of students and applicants of Shakarim University;
  • Leak of the B2B 2GIS Kazakhstan database from 24.06.2022;
  • Old leak of Yandex Food user data from Kazakhstan and Russia;
  • Leak of Fonbet user data from Kazakhstan and Russia for 2021.

«According to some information, this data was taken from a database backup of the former resource admin, Conor Brian Fitzpatrick. Furthermore, the leak contains various messages from forum members. One of them states that an important Kazakhstani bank has been hacked. At the moment, law enforcement agencies already have this database», comments Olzhas Satiev, founder of TSARKA Group, on the leak.

Among other things, experts have also discovered data leaks from other countries: 

  • 9 hackers from Uzbekistan who were involved in selling data on business objects;
  • A large database of passport and scanned documents, bank statements, KYC and much more totalling 100GB+ (Kazakhstan – Kyrgyzstan – Uzbekistan);
  • 1,200,000 unique emails found in the Yandex Maps database (Azerbaijan – Kyrgyzstan – Uzbekistan);
  • Fresh PayPal accounts (Big Balances) (Azerbaijan) – what exactly is being sold is not specified;
  • 5.09 million buyers / buyer data – latest data – September 2022.

For context, Kazakhstani citizens were previously informed about a leak of their personal data in the «EgovMobile» application. Notifications were also received by those who had never taken out loans from MFOs. 

Later, TSARKA founder Olzhas Satiev discussed how the hacker leak of more than 2 million personal data records of clients of the microfinance organisation Zaimer kz (MFO) allegedly occurred.