Skip to content

Alleged Data Breach of the National Bank of Ukraine Souvenir Coin Service Exposes 1.5 Million Records

Dark Web Informer - Cyber Threat Intelligence

Alleged Data Breach of the National Bank of Ukraine Souvenir Coin Service Exposes 1.5 Million Records

February 19, 2026 - 6:36:41 AM UTC
UkraineUkraine
Banking / Government
Standalone API Access Now Available High-volume threat-intelligence data, automated ingestion endpoints, ransomware feeds, IOC data, and more.
View API
Unlock Exclusive Cyber Threat Intelligence
Powered by DarkWebInformer.com
Stay ahead of cyber threats with real-time breach tracking, expert analysis, and high quality evidence - built for security professionals, researchers, journalists, and everyday people who take their privacy seriously.

Quick Facts

Date & Time 2026-02-19 06:36:41 UTC
Threat Actor cyandiboo
Victim Country UkraineUkraine
Industry Banking / Government
Victim Organization National Bank of Ukraine (NBU)
Victim Site coins.bank.gov.ua
Category Data Breach
Severity High
Network Open Web
Total Records ~1.5 Million

Incident Overview

A threat actor using the handle cyandiboo posted a listing on DarkForums claiming to be selling a database from the National Bank of Ukraine's souvenir collectible coin sales service at coins.bank.gov.ua. The dataset is described as a 4 GB SQL dump updated in 2026 containing approximately 1.5 million total records across two files: a customers table with around 270,000 records including emails, phone numbers, and MD5 password hashes, and an orders table with approximately 1.2 million records containing full names, shipping addresses, phone numbers, and emails. Sample data columns visible in the listing also reference customers_inn (tax identification numbers), customers_passport, and bank_id_token fields.

Claim URL - For Subscribers Only

The claim URL for this listing can be found on the Threat Feed or Ransomware Feed for subscribers.

Image Preview

Forum listing showing alleged National Bank of Ukraine database for sale

Latest