A massive trove of Armenian government-related data is reportedly being sold on a hacker forum by a threat actor identified by the alias "dk0m," who advertises a dataset purported to contain approximately 8 million records. These records are allegedly linked to a government notification system used for official communications from police and judicial bodies.
Armenian authorities have launched an investigation following these claims, which imply the stolen data includes names, addresses, court notifications, police notices, and more. In response to the dark web data sale, Armenia's Public Relations and Information Center (PRIC) issued a statement denying a data breach of the core government email infrastructure.
However, the agency conceded that the leaked files may have been obtained from the state's electronic civil litigation platform, cabinet.armlex.am. An internal probe is underway to confirm the source and method of the data exfiltration.
Cybersecurity researchers from the non-governmental group CyberHUB-AM note that dk0m is a known financially motivated broker who typically acquires access credentials through infostealers.
“This actor has a documented history of selling credentials and databases belonging to ministries in Argentina, Ukraine, and Brazil, often providing high-fidelity samples (official PDFs or database schemas) to prove the validity of their claims to potential buyers,” according to CyberHUB-AM.
CyberHUB-AM warns that scammers could leverage real case numbers, fines, and official notices contained in the data to create highly convincing fraudulent communications, increasing the likelihood that individuals will panic and comply.
A January report from Infostealers by Hudson Rock said dozens of global companies in aviation, defense, engineering, and other sectors have been breached via credentials stolen by infostealers.