A threat actor on a dark web forum has allegedly put the full Active Directory database of Uztelecom up for sale. Uztelecom is the national telecommunications operator of Uzbekistan and the country’s largest and most popular provider, playing a critical role in the nation’s communication infrastructure. The seller claims the database contains sensitive information belonging to over 1,000 company employees, offering potential buyers a significant foothold into the company’s internal network.
The compromise of an Active Directory is a severe security incident, as it serves as the backbone for managing user permissions and access to network resources. According to the forum post, the data for sale allegedly includes:
- Full access to the Active Directory
- Emails and passwords of over 1,000 employees
The threat actor provided a sample screenshot as proof of their claims, which appears to show employee account details and domain information. A successful sale of this data could expose Uztelecom to further targeted attacks, corporate espionage, and potential network-wide compromise. The company has not yet released a public statement regarding the alleged incident.
