Ukrainian cybersecurity expert and Member of Parliament Oleksandr Fedienko has raised the alarm after an archive titled diia_users_db_2025.zip appeared online, containing millions of records of citizens’ personal data.
According to Fedienko, the file includes approximately 20 million rows of information, and while only part of it is circulating freely, the full database is reportedly being sold.
He cautioned citizens to take immediate protective measures, stressing that financial numbers should never be reused across multiple services. Ideally, different apps requiring SMS confirmation should be tied to separate phone numbers.
Fedienko also advised setting strong, unique passwords for email accounts, enabling two-factor authentication, and ensuring that email addresses are not directly linked to mobile phone numbers.
The lawmaker warned of a likely surge in phishing attempts, particularly targeting Telegram users, and urged people to check the “Devices” section in their settings to ensure no unauthorized logins.
He noted that while much of the information is already publicly accessible in various registries, its consolidation into one massive dataset makes it especially dangerous. Based on preliminary checks, the data appears to include information up to December 31, 2024, with some entries from early 2025.
Fedienko suspects the leak originated from multiple financial institutions and registries connected to tax authorities.
“This is one of those cases where the information is already out there. The problem is that many people link their financial numbers to social networks and services, putting themselves at risk of losing access,” he said.
The archive, he added, even contains records of individuals who never used the Diia app, further suggesting a broader source of the leak.