Cifrum.kz Kazakhstan's Digital Environment
Hub · Cybersecurity

Cybersecurity in Kazakhstan

Data leaks, fraud schemes, personal data protection and corporate security — without panic, with concrete step-by-step instructions.

Read articles Useful guides Telegram
Topic navigation

Choose a topic

Leaks and personal data protection

What to do if your data is leaked; Kazakhstan's Personal Data Law; citizen rights.

  • How to check if your data was leaked
  • Kazakhstan's Personal Data Law
  • What to do if EDS key is stolen
  • Removing data from the internet
All articles in this topic

Phishing and banking fraud

Calls from "security service", transfers via Kaspi, deepfakes. What to do right now.

  • Sent money to fraudsters via Kaspi
  • New fraud schemes in 2026
  • Protection from deepfakes
  • Phishing on WhatsApp
All articles in this topic

Corporate security and IS audit

Kazakhstan IS audit requirements, pentests, trade secret protection, incident response.

  • IS audit in Kazakhstan: regulator requirements
  • Top Kazakh cybersecurity companies
  • Protecting corporate email
  • About KZ-CERT
All articles in this topic
Latest

Latest in this section

OTG Cybersecurity Council: Kazakhstan’s Initiative
Top story

OTG Cybersecurity Council: Kazakhstan’s Initiative

Kazakhstan has put forward an initiative to establish a Cybersecurity Council within the Organisation of Turkic States (OTS).

29 May 2026 · admin
Prompts for ChatGPT: A Guide to Creating Instagram Content for Kazakhstan

Prompts for ChatGPT: A Guide to Creating Instagram Content for Kazakhstan

04 Aug 2025
500 personalized emails in 10 minutes: The complete guide to Merging in Microsoft Word

500 personalized emails in 10 minutes: The complete guide to Merging in Microsoft Word

17 Jun 2025
How to choose a Wi-Fi router that won’t let you down: secrets of stable Internet at home

How to choose a Wi-Fi router that won’t let you down: secrets of stable Internet at home

26 May 2025
Artificial intelligence in construction: prospects for the economy of Kazakhstan

Artificial intelligence in construction: prospects for the economy of Kazakhstan

25 May 2025
The Magic of Virtualization: How one piece of hardware does the work of many, simplifying IT for your business

The Magic of Virtualization: How one piece of hardware does the work of many, simplifying IT for your business

23 May 2025
Cloud technologies for business: In simple words, why it is profitable

Cloud technologies for business: In simple words, why it is profitable

23 May 2025
Guides

Useful guides

Guide 01

Sent money to fraudsters

Step-by-step plan for the first 10 minutes to recover the money.

 Guide 02

Check data leaks

How to find out if your data leaked and what steps to take.

 Guide 03

Basic cyber hygiene

7 protection steps: passwords, 2FA, VPN, antivirus, backups.

 Guide 04

EDS protection

What to do if your electronic signature key is stolen or compromised.

 Guide 05

Protection from deepfakes

How to recognize voice fakes and video deepfakes in calls and messages.
Reader trust

How we cover technology

«The main cybersecurity rule: a 30-second pause protects better than any antivirus.»

Cifrum.kz covers cyber threats in Kazakhstan without panic but with concrete step-by-step instructions.

  • We rely on official sources: Ministry of Digital Development of Kazakhstan, Astana Hub, second-tier banks, peer-reviewed publications.
  • Every analysis is cross-checked with industry practitioners, engineers and executives.
  • Two-step editorial fact-checking and explicit disclosure of any conflicts of interest.
  • No sponsored content disguised as editorial material.
FAQ

Common questions

+What to do if you sent money to fraudsters via Kaspi?
First — immediately call the bank (1408 for Kaspi) and block the card. Second — file a police report (102) with the fraudster's phone number, transfer time and amount. Third — submit an official request through the mobile app asking the bank to halt the transaction. If the money hasn't been withdrawn from the recipient's account yet, there is a chance to reverse it.
+How to check if your data has leaked in Kazakhstan?
There are no government services in Kazakhstan to check leaks by IIN. Use international services like haveibeenpwned.com (by email) and dehashed.com. If data has leaked — change all passwords, enable 2FA, replace EDS via eGov.
+What's the penalty for spreading personal data in Kazakhstan?
Under the Code of Administrative Offences, fines for individuals — up to 60 MCI, for officials — up to 200 MCI, for legal entities — up to 1,000 MCI. Under the Criminal Code (Art. 147) for illegal collection or distribution — up to 3 years of imprisonment.
+Who has the right to demand an IIN in Kazakhstan?
IIN may be requested by government bodies providing services, banks opening accounts or issuing credit, notaries and medical institutions. Private companies — only with legal grounds (e.g. an employment contract). Shops and trade outlets have no right to demand an IIN.
+What is social engineering in plain language?
Social engineering is manipulating a person into giving fraudsters money, passwords or data themselves. A call from the "bank security service", an email from the "boss", a fake login page — that's social engineering. According to Kazakh bank statistics, 80% of fraud cases are exactly social engineering.
Editorial contacts

Contact the editors

Cifrum · Tsifrovoy RUM

Got a story, tip or question on this section?

Reach the editorial team by phone, email, messengers or via the contact form on /kontakty/.

071400, Republic of Kazakhstan, Semey,
26 Kabanbay Batyr St., office 227
Submit a news tip 87055822147 info@cifrum.kz Telegram WhatsApp Instagram
Get directions
Scroll to Top