Polish intelligence warns hackers attacked water treatment control systems
The agency did not publicly attribute the incidents to a specific group or country but said Poland faced intensified hostile cyber activity in 2024 and 2025, “with particular emphasis on the special services of the Russian Federation.”
Poland’s domestic intelligence service said attackers breached water treatment facilities in five towns in 2025, in some cases gaining access to industrial control systems that could have disrupted water supplies.
In a new public report, the Internal Security Agency (Agencja Bezpieczeństwa Wewnętrznego, or ABW) said water treatment stations in Jabłonna Lacka, Szczytno, Małdyty, Tolkmicko and Sierakowo were targeted.
“Attackers, gaining access in some cases to industrial control systems, had the ability to alter technical parameters of devices,” the report said, creating “a direct risk” to the continuity of water supply operations.
Source: https://therecord.media/polish-intelligence-warns-hackers-attacked-water-treatment
Related breach coverage
- Cyberattacks on Poland’s Water Plants: A Blueprint for Hybrid Warfare2026-05-08
Poland’s ABW confirmed hackers breached ICS at five water plants, gaining ability to alter equipment settings. Russia-linked APT groups suspected. Poland’s Internal Security Agency (ABW) has published a detailed account of a sustained campaign targeting the country’s water plants, documenting security breaches at five water treatment facilities in 2025. The incidents mark one of the […]
- Polish Security Agency Reports ICS Breaches at Five Water Treatment Plants2026-05-08
The hackers gained the ability to modify equipment operational parameters, creating a direct risk to the public water supply. The post Polish Security Agency Reports ICS Breaches at Five Water Treatment Plants appeared first on SecurityWeek.
- Pro-Ukraine BO Team and Head Mare hackers appear to team up in attacks against Russia2026-05-08
Researchers at Moscow-based cybersecurity firm Kaspersky said they identified overlapping infrastructure and tools used by both groups — including command-and-control systems operating on the same compromised host — suggesting some coordination.
- RansomHouse says it breached Trellix and exposes internal systems2026-05-08
RansomHouse claimed responsibility for the Trellix breach, adding the security firm to its Tor data leak site and sharing screenshots of internal systems. The RansomHouse ransomware group has claimed responsibility for the recent cyberattack on cybersecurity firm Trellix. To support its claims, the gang published screenshots allegedly showing access to internal Trellix services. In early […]