Hacker Attack Targets Poland’s Public Procurement Office

We’re saying Wesołych Świąt with a 10% discount!

Take advantage of our Xmas offer and get 10% off all courses & lessons – book individual lessons from only 29€ per session or a 12-week group course for just 224€ 249€. Valid until 06.01.2026.

Contact us to claim your discount

The news in Polish

1. zaatakować
   zacząć atakować kogoś lub coś, podjąć działanie mające wyrządzić szkodę ↩︎
2. odwoławczy
   dotyczący odwołań, czyli ponownego rozpatrywania decyzji lub sprawy ↩︎
3. dane  (f.)
   informacje zapisane w formie cyfrowej lub papierowej, które można przetwarzać ↩︎
4. finansowy
   związany z pieniędzmi, wydatkami, budżetem lub gospodarką pieniężną ↩︎
5. wzmacniać
   robić coś silniejszym, trwalszym lub bardziej skutecznym ↩︎
6. zachęcać
   motywować kogoś, żeby coś zrobił, pokazywać, że warto to zrobić ↩︎

Translation

Text comprehension

Question 1: What kind of information might have been in the emails that the hackers accessed?

Question 2: What does the minister encourage people to use to help protect themselves on the internet?

Vocabulary

Polish	English
zaatakować	to attack
odwoławczy	appeal (relating to appeals)
dane  (f.)	data
finansowy	financial
wzmacniać	to strengthen
zachęcać	to encourage

Read the full story

A recent hacker attack on Poland’s Public Procurement Office (Urząd Zamówień Publicznych, UZP) has raised concerns about the security of government e‑mail systems. According to official statements, cybercriminals gained unauthorised access to the e‑mail inboxes of UZP staff and employees of the National Appeals Chamber (Krajowa Izba Odwoławcza, KIO), an institution that deals with disputes in public tenders.

Poland’s Deputy Prime Minister and Minister of Digital Affairs, Krzysztof Gawkowski, announced the incident on the social media platform X. He stated that the attack had been identified and immediately reported to national cybersecurity services. According to Gawkowski, all necessary measures have been launched to secure the systems and to limit the consequences of the breach. Operational activities to identify those responsible are still ongoing.

In a separate communication, the Public Procurement Office confirmed that the attack was the result of a deliberate and harmful action by cybercriminals. Technical analysis shows that the attackers could have downloaded e‑mails stored in the compromised inboxes. These messages may have contained various types of personal data, including identification and contact details, financial information, and other data sent to the office as part of its work, for example in connection with inspections, complaints, applications and appeal procedures.

The office emphasised that, at this stage, there is no evidence that the stolen data has been made public. However, the full scale and impact of the breach are still being examined. Authorities have not yet disclosed who might be behind the attack or whether it is linked to any specific criminal group or foreign actor.

Minister Gawkowski used the incident to highlight a broader trend. He pointed out that the number of cyberattacks in Poland is growing every year and that these attacks are becoming more sophisticated and dangerous. He stressed that all organisations – both public institutions and private companies – should treat digital security as a top priority and comply with the rules defined in Poland’s National Cybersecurity System.

To support this, the government is promoting the platform cyber.gov.pl, also referred to as CyberGov. This site is presented as a “central place” for protection against cyberthreats. It offers practical advice, up‑to‑date security alerts and free protection tools designed to help institutions, businesses and individual users improve their online safety.

For readers unfamiliar with Poland, the Public Procurement Office (UZP) is a central government body responsible for the country’s system of public tenders. It helps create and interpret public procurement law, monitors how these rules are followed and supports both contracting authorities and companies that bid for public contracts. The office also aims to ensure that access to public tenders is non‑discriminatory, transparent and efficient, so that spending of public funds is carried out fairly and openly.

The National Appeals Chamber (KIO), whose staff e‑mails were also affected, plays a key role in resolving disputes related to public procurement procedures. It considers appeals from companies that believe tender rules were broken or decisions were unfair. Because of this, its e‑mail correspondence may contain sensitive business and financial information about tender procedures and participating firms.

Polish media covering the incident broadly agree on the main facts: hackers accessed e‑mail accounts at UZP and KIO, the case was reported to cybersecurity authorities, and investigations are under way. Reports also converge on the view that the incident fits into a wider pattern of growing cyber threats facing state institutions. At the same time, officials stress that, based on current information, there is no confirmation that the compromised data has been publicly leaked.

For observers outside Poland, the case illustrates the vulnerability of key administrative bodies that manage large flows of documents and personal data. It also shows how governments attempt to respond not only by investigating individual attacks, but also by building national cybersecurity frameworks and public platforms intended to strengthen everyday digital protection.

Info: ‘Polish Learner News’ is a service from ‘Let’s Learn Polish’, a language school focused on teaching Polish through various types of online courses, including Polish for beginners. We provide structured learning materials and resources to help learners develop their Polish language skills at an appropriate pace.