State Register of Poland

History

2025: Suspension due to powerful cyber attack

At the end of April 2024, the government system of the State Register in Poland was subjected to a massive cyber attack. As a result, public services have become unavailable in the country.

According to the RMF24 resource, the attackers used DDoS tactics. This led to the inoperability of the Basic Electronic Population Registration System (PESEL). This register is used to collect basic information identifying the identity and administrative and legal status of Polish citizens and foreigners living in the country. PESEL is a personal identification number consisting of 11 digits.

𝓲

Фото: Freepik

Due to the attack, Polish residents lost the opportunity to pay taxes, use the mCitizen application and register cars in the CEPIK (Central Register of Vehicles and Drivers) system. The attackers deliberately carried out the attack on April 30, 2025 - this is the last day of filing income declarations for individuals and applications for other services.

The incident is being investigated by the cyber police and the Polish Internal Security Agency. The country's digital ministry confirmed there were difficulties "with access to some public services." The agency emphasizes that the attack did not in any way affect "the security of state systems, in particular the data contained in them." The attack affected several digital services dependent on data from the State Register.

Criminals are trying to make it difficult for other users to use systems. I like the analogy of bleeding air from someone's tyre because it's not a serious attack. This is an attack on the principle: we cannot do anything more significant, so we will release air from your wheel, "says Adam Haertle, an employee of the Zaufana Trzecia Strona portal.[1]

Notes