Cyber Incident Victim: Starostwo Powiatowe w Piszu
Date:
Mar 2025
Location:
Poland
Summary
Starostwo Powiatowe w Piszu confirmed that its internal IT systems and those of the associated school administrative unit were subjected to a hacker attack. Analysis by an external firm found no evidence of a data leak, only a temporary loss of access to the systems. During the incident, some departments experienced limited or unavailable customer service, while the Communications Department continued operating normally through external platforms. All data were subsequently restored and the office resumed normal operations.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On March 1, 2025, Starostwo Powiatowe w Piszu announced that its internal IT systems and those of Powiatowego Zespołu Ekonomiczno-Administracyjnego Szkół i Placówek w Piszu had been subjected to a hacker attack. The announcement was made in two separate communications published on the same day. According to the statements, customer service in the Department of Communication continued without interruption because its IT systems operate on external platforms independent of the Starostwo’s internal network. In contrast, customer service in the remaining departments could be limited or impossible due to the attack. The external analysis conducted by a third‑party firm found no traces indicating a data leak, but noted a temporary loss of availability of the internal IT systems. The organization emphasized that, as of the time of the announcement, no confirmed leakage of personal data had been detected, although the possibility could not be ruled out. The attack prompted the activation of all necessary security procedures and the initiation of intensive, coordinated work by specialists and appropriate services to restore full functionality. Throughout the incident, the situation was monitored continuously and updates were promised to the public. By the time of the second communication, the external analysis confirmed that all data had been restored and the Office was operating in normal mode. The only lasting effect noted was the temporary unavailability of systems during the attack period.
Immediate actions were taken to secure the internal systems and to minimize potential consequences of the attack. Specialists and relevant services worked on‑site to contain the incident and to restore the affected systems. All required procedures were launched, and the organization maintained ongoing monitoring of the situation. The Department of Communication’s reliance on external platforms allowed it to continue providing services without disruption throughout the incident. After the external analysis confirmed no traces of a data leak, the organization stated that the internal systems had been fully restored and normal operations resumed. Contact information was provided for inquiries, with two phone numbers listed in the respective announcements. The organization communicated that it would continue to inform the public about progress and any further steps. No details about the attackers, their methods, or any potential data exfiltration were disclosed in the available sources. The account is limited to the facts presented in the two official communications dated March 1, 2025. This concludes the factual chronology of the cyber incident affecting Starostwo Powiatowe w Piszu and its associated educational administrative unit.