Uzbekistan’s National Vehicle Surveillance Network Exposed Online Without a Password
Uzbekistan's entire national vehicle surveillance system was discovered exposed online, password-free. The leak compromises millions of records, including photos, videos, and detailed travel histories, posing a major privacy and security threat.
Uzbekistan's sprawling, nationwide system for tracking vehicles and their occupants has been found exposed on the open internet without a password. Discovered by security researcher Anurag Sen, the security lapse allows anyone to access a massive database containing millions of photos, raw video footage, and the precise locations of vehicles across the country.
Inside the Nationwide Surveillance Leak
The system is operated by the Department of Public Security in Uzbekistan’s Ministry of Internal Affairs and is described as an “intelligence traffic management system” by its maker, Maxvision, a Shenzhen-based surveillance tech company. According to a report from TechCrunch, which verified the exposure, the system pulls data from at least a hundred banks of high-resolution cameras positioned in major cities like Tashkent, Jizzakh, and Qarshi, as well as on crucial transit routes near the Tajikistan border.
System artifacts show the database was first set up in September 2024, with traffic monitoring beginning in mid-2025. The exposed data is granular enough to track a single vehicle's movements for over six months between multiple cities. It captures everything from running red lights to drivers not wearing seatbelts, storing zoomed-in photos and 4K resolution video of the supposed violations.
A Recurring Global Problem
This incident is the latest in a troubling trend of exposed license plate reader (LPR) systems. Earlier this week, news outlet 404 Media reported that dozens of cameras from surveillance giant Flock were left publicly accessible. This follows previous reports from Wired and TechCrunch in recent years about hundreds of similar cameras across the United States being left unsecured online, sometimes for years.
According to TechCrunch, Uzbek authorities, including the Ministry of Internal Affairs, government representatives in the U.S., and the national computer emergency readiness team (UZCERT), did not respond to multiple requests for comment about the exposure. As of the time of writing, the surveillance system remains unsecured and accessible from the internet.
This content is AI-generated based on source articles. While we strive for accuracy, errors may occur. We recommend verifying with the original source.
Related Articles
Tinder now rewards users who scan their irises at a World orb with free in-app boosts. As AI agents flood dating apps, 'being human' is becoming a verified status — and a business model.
Wisconsin Governor Tony Evers vetoed an age verification bill for adult sites, citing privacy concerns. With 25+ states going the other way, the debate cuts to the heart of online freedom vs. child protection.
Okta CEO Todd McKinnon on why AI agents need identity management, the SaaSpocalypse threat, and why the kill switch might be the most important button in enterprise tech.
The same heartbeat reading, DNA sample, or facial scan has radically different legal protections depending on where you live. From 23andMe's bankruptcy to post-Dobbs data weaponization, here's how five legal regimes treat the data your body generates — and why 640 million smartwatch users should care.
Tinder now rewards users who scan their irises at a World orb with free in-app boosts. As AI agents flood dating apps, 'being human' is becoming a verified status — and a business model.
Wisconsin Governor Tony Evers vetoed an age verification bill for adult sites, citing privacy concerns. With 25+ states going the other way, the debate cuts to the heart of online freedom vs. child protection.
Okta CEO Todd McKinnon on why AI agents need identity management, the SaaSpocalypse threat, and why the kill switch might be the most important button in enterprise tech.
The same heartbeat reading, DNA sample, or facial scan has radically different legal protections depending on where you live. From 23andMe's bankruptcy to post-Dobbs data weaponization, here's how five legal regimes treat the data your body generates — and why 640 million smartwatch users should care.
Thoughts
Share your thoughts on this article
Sign in to join the conversation