Cyber Incident Victim: Warsaw Municipal Police

On or around August 6, 2022, the Warsaw Municipal Police experienced a disruptive cyberattack targeting their 19115 municipal service system. The attack involved a sustained flood of thousands of identical spam emails that overwhelmed the agency's operational capacity. According to reports, the emails contained repetitive notifications about the same incorrectly parked vehicle, suggesting a deliberate attempt to disrupt workflows rather than a typical phishing campaign. The bombardment began on Saturday and continued intermittently, with each wave generating identical reports that operators were forced to manually review and reject. This repetitive influx saturated the system's processing capabilities, creating a significant bottleneck in handling legitimate citizen reports submitted through the same platform. The 19115 system serves as Warsaw's primary channel for residents to submit non-emergency municipal requests, making its disruption consequential for routine city operations.

The attack paralyzed the Municipal Police's ability to prioritize and assign legitimate service requests due to the sheer volume of fraudulent submissions. Operators became unable to efficiently process authentic reports while simultaneously managing the spam rejection process, leading to operational delays across the city's complaint management workflow. No data theft or system compromise was indicated in available reports, with the primary impact being service degradation rather than information exfiltration. The incident exposed vulnerabilities in the system's capacity to filter or automatically mitigate bulk spam attacks targeting municipal infrastructure. While the exact duration of the disruption remains unspecified in public reports, the attack highlighted how even low-complexity email flooding tactics could cripple critical civic response mechanisms when deployed at sufficient scale against unprotected systems.