News
Poland's Government Sector Hit by Record 3,100+ Weekly Cyberattacks

Check Point Research reports that government institutions in Poland face over 3,100 cyberattacks per week, crossing that threshold for the first time. The firm points to generative AI as a growing channel for corporate data leaks.
Contents
Poland's government sector recorded over 3,100 cyberattacks per week in June 2026, crossing that threshold for the first time, according to data from Check Point Research. The increase puts Polish public institutions well above the national average and calls for closer scrutiny of how generative artificial intelligence is reshaping both attack methods and the channels through which corporate data leaks.
The data comes from the June report by Check Point Research, an Israeli cybersecurity firm that continuously monitors network traffic at corporate clients worldwide. The figure of 3,100 weekly attacks on Polish government institutions means the country's public sector now exceeds the global average for public administration, which stands at 2,270 attacks per week.
Who's Being Targeted
Beyond public administration, the sectors most exposed in Poland turned out to be energy, with over 1,840 attacks per week, and business services, with over 1,640 attacks. The average across all industries in the country came to 1,775 attacks per week, a 3 percent increase compared to the same period a year earlier. The percentage growth looks moderate, but in absolute terms it translates into tens of thousands of additional attack attempts each month against domestic institutions and companies.
Check Point also recorded a marked rise in ransomware attacks, which paralyzed operations at victims in 646 documented cases worldwide, up 33 percent from a year earlier. Ransomware remains the costliest type of incident for companies, since beyond the ransom itself it generates operational downtime and system recovery costs that often exceed the amount demanded by the attackers.
Generative AI as a Leak Channel
The report highlights the growing role of generative artificial intelligence as a source of risk. According to Check Point, 3.9 percent of queries sent to generative AI tools from corporate networks carried a high risk of data leakage, and as many as 85 percent of organizations experienced at least one high-risk incident tied to employees' use of such tools during the period analyzed.
The mechanism is simple: employees paste fragments of confidential documents, source code, or customer data into publicly available chatbots, hoping to work faster, without realizing that data may end up beyond the company's control. In large organizations, where access to popular AI tools is neither restricted nor monitored in any way, the scale of such incidents grows in proportion to the number of employees using these tools on a daily basis.
Attackers are expanding their reach across regions and industries - Omer Dembinsky, data analysis manager at Check Point Research
AI on Both Sides
Check Point stresses that artificial intelligence today operates on both sides of the same conflict. On one hand, AI systems are what allow companies to detect network traffic anomalies faster than analyst teams working manually; on the other hand, those same tools, in the hands of employees using them without adequate safeguards, become a new and hard to control channel for leaking confidential information.
For Polish companies and public institutions, this means investing simultaneously in two areas: AI-based defensive systems capable of detecting increasingly sophisticated attacks, and security policies governing what data employees are allowed to enter into external generative tools. A growing number of large organizations are choosing to deploy their own internal instances of language models specifically to reduce the risk of data leaking through public chatbots.
What This Means for Public Administration
The scale of attacks on Poland's government sector, exceeding the global average, raises the question of whether administration security budgets and procedures are keeping pace with the growth of threats. Public institutions process citizens' data on a scale that makes them a particularly attractive target, while often relying on older IT infrastructure than the private sector, which further increases their vulnerability to attacks using automated, AI-assisted network reconnaissance and infiltration tools.
Sources: Biznes Alert (biznesalert.pl)
