The Chairman of the Information Security Committee of the Ministry of Digital Development, Innovations and Aerospace Industry of the Republic of Kazakhstan Ruslan Abdikalikov commented on the information about a data leak from the hacker forum BreachForums, in which Kazakhstani resources were found.
According to Ulysmedia.kz, Abdikalikov stated that no complaints had been received on this matter. He also said that the previously announced information that “an important Kazakhstani bank had been hacked” could not be verified.
“I would like to correct this immediately. If the Ministry of Digital Development issued its own statement on the same day, you cannot say that we were unaware. The Ministry of Digital Development is aware. At that time, no complaints had been received. We are continuing to look into the situation as of today. The supposed important key bank in Kazakhstan is a bank that was closed in our country back in 2021. The bank was closed in 2021; it was some old information. Since the bank no longer exists as a legal entity, we cannot verify this information,” he said.
At the same time, the committee chairman reported that in connection with the personal data leak at Shakarim University in Semey, the department had received a complaint from the State Technical Service. The university now plans to conduct an inspection.
“We are preparing inspection measures. We can send our 'regards' to the rector of that university. Expect the Information Security Committee. We will check and establish how the leak occurred. From the correspondence materials, it is evident that someone from the university administration was selling access to the entire infrastructure,” the statement said.
Commenting on the report of a data leak from Yandex.Eda, Abdikalikov stated that this information had emerged a year ago.
“No citizen of Kazakhstan complained about it at that time. We are conducting an analysis regarding other leaks. Specialists are trying to find data specifically belonging to Kazakhstani citizens in all the leaks. If we precisely identify who these citizens are, we will notify each citizen whose data appears in these leaks via the e-government portal,” he assured.
In turn, the head of the Centre for Analysis and Investigation of Cyber Attacks Olzhas Satiev stated that the so-called hacked “important Kazakhstani bank” is AsiaCreditBank.
“We saw correspondence on closed hacker forums where a user was selling full access to AsiaCreditBank. It was still functioning at that time, but the bank was subsequently liquidated in 2021. The hacker gained access that allowed him to manage the bank's infrastructure, meaning there are over 500 servers, and he could connect to them remotely,” the statement said.
According to lsm.kz, Satiev said that the hacker had sold full access to the bank. He also reported that there is no information yet about the buyer or the hacker.
“The correspondence mentioned that the access had been sold, and he additionally offered for purchase some documents that he had downloaded from the bank's systems. These were documents concerning our citizens,” he stated.
For context, a user under the nickname emo has released the full database of the hacker forum BreachForums online. As has become known, the dump includes user IDs, hashed passwords, private messages, cryptocurrency addresses used to purchase forum credits, etc.
Among the leaked data, Kazakhstani resources were also found:
- Leak of the service station management database - Russia and Kazakhstan - SQL backup, access and SCADA;
- Data from the transport and logistics company Spark;
- Leak of the database of students and applicants of Shakarim University;
- Leak of the B2B 2GIS Kazakhstan database dated 24/06/2022;
- Old leak of Yandex Food user data from Kazakhstan and Russia;
- Leak of Fonbet user data from Kazakhstan and Russia for 2021.