article featured image


On July 2nd, the email accounts of about a dozen members of the Polish parliament were hacked, including the personal account of the prime minister’s top aide Michal Dworczyk. This incident had led to opposition criticism of officials for using private accounts to exchange confidential documents.

As reported by Reuters, the news comes two weeks after the authorities said top Polish government officials had been hit by a far-reaching cyberattack conducted in June that affected over 100 email accounts of current and former government officials.

The Military Counterintelligence Service announced that the hackers’ targets came from almost every parliamentary opposition grouping, and those affected had been notified and had received cybersecurity training.

None of the affected lawmakers were identified in the MCS statement.

Polish Intelligence Agencies Link the Attack to Russia

On June 22nd, Polish counter-intelligence said that it has evidence linking the cyberattack on thousands of email and social media accounts of politicians, public figures, and other Poles to Russia’s secret services.

The MCS said the hackers known as UNC1151 were behind the attack, adding the group’s actions are part of a campaign known as Ghostwriter that has targeted Polish politicians in recent months and that has also affected other countries in the region.

Stanislaw Zaryn, the spokesman for the minister who coordinates Poland’s intelligence agencies, claimed the attack was part of a campaign to destabilize politics in Central Europe.

According to Zaryn,

The services are in possession of information confirming the links of the aggressors with the activity of the Russian special services. Some 100 of the more than 4,350 accounts hit in Poland belong to former and current government members, lawmakers and local administration officials.


Heimdal Official Logo
Email is the most common attack vector used as an entry point into an organization’s systems.

Heimdal® Email Security

Is the next-level email protection solution which secures all your incoming and outgoing comunications.
  • Completely secure your infrastructure against email-delivered threats;
  • Deep content scanning for malicious attachments and links;
  • Block Phishing and man-in-the-email attacks;
  • Complete email-based reporting for compliance & auditing requirements;
Try it for FREE today 30-day Free Trial. Offer valid only for companies.

Some Polish security officials believe the attack is aimed at weakening Poland’s position internationally or straining its ties with Western partners. Warsaw backs sanctions against Russia over its 2014 annexation of Crimea from Ukraine and its support for the authoritarian president of Belarus.

Russia has repeatedly denied carrying out or tolerating cyberattacks following allegations from the United States about cyberattacks on U.S. territory, Ukraine, and Saudi Arabia.

Just last month, G7 Leaders urged Russia to take action against threat actors conducting cyberattacks and using ransomware from within its borders. The reprehension came after a three-day summit of G7 leaders in Britain that also called on Moscow to “stop its destabilizing behaviour and malign activities”.

Author Profile

Cezarina Dinu

Head of Marketing Communications & PR

linkedin icon

Cezarina is the Head of Marketing Communications and PR within Heimdal® and a cybersecurity enthusiast who loves bringing her background in content marketing, UX, and data analysis together into one job. She has a fondness for all things SEO and is always open to receiving suggestions, comments, or questions.

Leave a Reply

Your email address will not be published. Required fields are marked *