Concerns have been raised following reports of a possible data leak involving the government platform gigavoucher.dmrid.gov.cy, operated under the Deputy Ministry of Research, Innovation and Digital Policy.
According to information obtained by Politis.com.cy, personal data relating to approximately 80,000 Cypriot citizens may be included in the exposed database. The data reportedly includes identity details, addresses and bank card information.
Dark web post sparks alarm
The issue came to light after a post appeared on an online forum, in which a user claimed to be in possession of a customer database originating from the government’s gigavoucher platform.
The gigavoucher platform is used to implement Cyprus’ broadband subsidy scheme.
Data protection company Deleteme.com reported that it had recorded public references to a possible exposure of a customer database on the dark web. According to the company, a user operating under the alias “IntelShadow” published a post on the dark web forum DarkForums on 11 February 2026, claiming to possess data extracted from the official gigavoucher portal.
The alleged extraction of the data is said to have taken place on 10 February 2026, while the database was reportedly published at 03:55 on 11 February 2026.
According to the claims, the dataset contains 72,921 records. The information allegedly includes personal data of beneficiaries and authorised representatives, as well as technical service metadata.
Suspicious account activity
Deleteme.com noted that the short lifespan of the account used to publish the data, the minimal posting history and the immediate release of a large volume of information are patterns frequently associated with data leak incidents rather than with long-term or typical participation in online forums.
The company warned citizens not to ignore the possibility of exposure and urged them to take immediate steps to protect their identity.
Earlier, the Deputy Ministry confirmed that an incident of unauthorised access had been detected in relation to data uploaded to the gigavoucher platform. The ministry stated that the platform is hosted by the government network and is no longer operational.
It further clarified that the incident did not involve a breach of the platform itself or of government network systems, but appears to have resulted from the compromise of specific user credentials.
However, the ministry did not specify which categories of personal data may have been affected, nor the number of individuals potentially impacted.
Investigations are ongoing and the relevant supervisory authorities have been informed.