Polish Security Agency Reports ICS Breaches at Five Water Treatment Plants
The hackers gained the ability to modify equipment operational parameters, creating a direct risk to the public water supply. The post Polish Security Agency Reports ICS Breaches at Five Water Treatment Plants appeared first on SecurityWeek.
Poland’s Internal Security Agency (ABW) has documented a significant escalation in cyberattacks targeting industrial control systems (ICS) and other operational technology (OT) infrastructure during 2024 and 2025, with state-sponsored threat actors increasingly shifting focus toward the physical disruption of critical services.
A Polish official revealed in August 2025 that a cyberattack could have caused a city to lose its water supply, but the attack was thwarted. No technical information was shared at the time.
The government agency’s new report [written in Polish] provides more information about these types of attacks on the country’s water sector.
Related breach coverage
- Cyberattacks on Poland’s Water Plants: A Blueprint for Hybrid Warfare2026-05-08
Poland’s ABW confirmed hackers breached ICS at five water plants, gaining ability to alter equipment settings. Russia-linked APT groups suspected. Poland’s Internal Security Agency (ABW) has published a detailed account of a sustained campaign targeting the country’s water plants, documenting security breaches at five water treatment facilities in 2025. The incidents mark one of the […]
- Claude AI Guided Hackers Toward OT Assets During Water Utility Intrusion2026-05-07
Dragos has published a report describing how threat actors used Claude AI in an attack on a water and drainage utility in Mexico. The post Claude AI Guided Hackers Toward OT Assets During Water Utility Intrusion appeared first on SecurityWeek.
- Webinar Today: Securing Identity Across Humans, Machines and AI2026-05-07
From service accounts to AI-driven processes, identity is evolving faster than most security programs can adapt. Discover strategies for reducing risk and regaining control. The post Webinar Today: Securing Identity Across Humans, Machines and AI appeared first on SecurityWeek.
- AI Firm Braintrust Prompts API Key Rotation After Data Breach2026-05-08
Hackers accessed one of the company’s AWS accounts and compromised AI provider secrets stored in Braintrust. The post AI Firm Braintrust Prompts API Key Rotation After Data Breach appeared first on SecurityWeek.