In February 2024, it was revealed that Chinese government documents leak contained data of Kazakhstani citizens. By March 15, the Ministry of Digital Development announced unscheduled inspections of the National Pension Fund, Air Astana, and Kazakhtelecom. The Ministry emphasized that criminality is not tied to nationality and refrained from accusing any specific country or organization.
The Ministry, along with the National Security Committee and State Technical Service, completed an analysis of the information security of mobile operators, ensuring no compromise incidents were detected. The companies are safeguarded by domestic security centers and closely collaborate with the National Coordination Center for Information Security.
Additionally, the Ministry initiated unscheduled inspections regarding compliance with Kazakhstan's legislation on personal data protection for the mentioned entities. Further information will be provided upon the completion of the inspections.
On February 16, 2024, a leak of secret data from the Chinese company iSoon (aka Anxun), a subcontractor of China's Ministry of Public Security, was published on GitHub by unknown actors. This company is associated with Chengdu 404, a cyber espionage entity controlled by China known as APT41. The leaked data also contained information about Kazakhstani individuals. Subsequently, on February 20, 2024, the Ministry of Digital Development and the National Security Committee initiated an investigation into the data leak concerning Kazakhstani citizens.
