Cyber Incident Victim: podatki.gov.pl

On or around February 28, 2022, a cyberattack disrupted access to Poland’s online tax filing system, attributed to Russian hackers by Polish government officials. Janusz Cieszynski, the official responsible for digitalization, publicly identified Russia as the perpetrator on March 1, stating the attack was highly likely orchestrated by this adversary based on undisclosed government information. The attack employed a distributed denial-of-service (DDoS) technique, which overwhelmed the tax website’s infrastructure and temporarily blocked user access. Cieszynski emphasized that the attack solely disrupted service availability and did not compromise data security or expose taxpayer information. The incident occurred amid heightened diplomatic tensions between Poland and Russia following Russia’s invasion of Ukraine, with Polish authorities framing the attack within broader Western allegations of Russian state-sponsored cyber operations.

The Polish government’s attribution drew immediate denial from the Russian embassy in Warsaw, which dismissed the accusation as baseless and characteristic of unsubstantiated Western claims against Russia. No technical evidence supporting the attribution was disclosed publicly by Polish officials. The primary operational impact was the temporary unavailability of the tax filing platform, though functionality was restored without reported data breaches. No additional defensive measures or long-term technical consequences were detailed in official statements. The incident underscored ongoing geopolitical friction, with Poland explicitly linking the cyber disruption to Russian hostilities while Moscow rejected the narrative as politically motivated fabrication lacking proof.