A major cyberattack has rocked Poland’s financial technology sector after hackers breached the systems of SuperGrosz, one of the country’s most popular online lending platforms, stealing extensive personal data from thousands of users. The incident has been described by Polish officials as “very serious,” raising renewed concerns over the security of digital financial platforms and the growing frequency of cyber threats targeting Polish institutions.

The cyberattack, confirmed by Poland’s Deputy Prime Minister and Minister of Digital Affairs, Krzysztof Gawkowski, has resulted in the theft of highly sensitive personal data from SuperGrosz customers. According to Gawkowski, the stolen information “ended up in the hands of criminals,” suggesting that the data may already be circulating among cybercrime networks or on illicit online marketplaces.

The scope of the breach is alarming. The stolen records reportedly include a wide range of personally identifiable information (PII), such as names, nationalities, PESEL numbers (Poland’s national ID), identity card details, residential and mailing addresses, phone numbers, email addresses, and even Facebook identifiers. In addition, the hackers gained access to data related to marital status, number of children, employment details, employer addresses, tax identification numbers (NIP), declared income, bank account numbers, and other financial data.

In essence, the information stolen from SuperGrosz users could allow cybercriminals to conduct identity theft, financial fraud, or social engineering attacks. Experts warn that the combination of PESEL numbers and banking information is particularly dangerous, as it can be used to open fraudulent accounts or apply for loans in victims’ names.

Minister Gawkowski emphasized the gravity of the situation in a statement posted on X (formerly Twitter), calling it “a very serious cyber security incident” and confirming that specialized teams were responding. The CSIRT KNF (Computer Security Incident Response Team for the Financial Supervision Authority) and CSIRT NASK (the National Research Institute’s cybersecurity team) have taken charge of the investigation, working alongside data protection regulators and law enforcement agencies.

Authorities are now developing an online verification tool that will allow citizens to check whether their personal data has been compromised in the breach. The tool, expected to be launched soon, is part of the government’s broader strategy to improve digital resilience and public awareness following a growing number of cyberattacks targeting Polish organizations.

In his public advisory, Gawkowski urged all SuperGrosz users to take immediate precautions, including:

• Freezing their PESEL numbers through the government’s mObywatelmobile application, which prevents criminals from using these identifiers for financial transactions.
• Changing passwords on email and financial accounts.
• Enabling two-factor authentication (2FA) wherever possible to add a layer of protection against unauthorized access.

Remaining alert for phishing attempts, as hackers often exploit stolen data to craft convincing fraudulent emails or messages designed to steal additional credentials.

SuperGrosz, which is operated by AIQLABS, confirmed the cyberattack on its official website. The company admitted that “unauthorized remote access” to part of its customer database had been achieved through malicious code inserted by hackers. While not all user data was affected, AIQLABS stated that a portion of customer records had been exfiltrated and that there was a high risk of online disclosure.

In response, the company has:

• Reported the incident to CSIRT KNF, CSIRT NASK, and Poland’s Data Protection Authority (UODO).
• Notified potentially affected users via email.
• Published updates on the Bezpieczne Dane(Safe Data) portal to inform the public about protective steps and updates on the investigation.

AIQLABS also pledged to strengthen its cybersecurity defenses and cooperate fully with regulators and investigators to determine the full scope of the breach.

The SuperGrosz breach is the latest in a troubling string of cyber incidents affecting Polish institutions and private companies. Just days earlier, on November 1, Poland’s widely used BLIK payment system-a key component of the national digital payments infrastructure-was hit by a distributed denial-of-service (DDoS) attack that temporarily disrupted services across several banks.

Around the same period, the Nowa Itaka travel agency disclosed another cyber incident involving partial exposure of customer account data, including email addresses and phone numbers. Although the company confirmed that financial and booking data had not been compromised, the incident added to the growing sense that Poland’s cyber defenses are being tested by increasingly sophisticated adversaries.

Experts believe these attacks may be part of a broader wave of cyber activity targeting Polish institutions, which have faced a noticeable uptick in hacking attempts since Poland increased its role in supporting Ukraine following Russia’s 2022 invasion. Cybersecurity analysts have pointed out that Poland’s government agencies, financial institutions, and media outlets have become frequent targets of both criminal and politically motivated attacks, with some believed to be backed by foreign intelligence groups.

The SuperGrosz breach underscores an urgent lesson for Poland’s rapidly digitizing economy: the financial sector’s cybersecurity posture must evolve faster than the threats it faces. Online lending platforms like SuperGrosz, which handle vast amounts of sensitive financial and personal information, are particularly attractive targets for cybercriminals.

Cybersecurity specialists have long warned that smaller fintech companies often lack the resources or robust infrastructure of traditional banks, making them more vulnerable to advanced intrusions. “Hackers increasingly target the digital middle layer of financial services-companies that are essential to consumers but less fortified than major institutions,” said a Warsaw-based cyber risk analyst commenting on the incident.

The exposure of personal data from SuperGrosz users could also have secondary effects. Criminal groups may use the stolen data in phishing campaigns or to commit synthetic identity fraud, combining elements of real and fake identities to create new financial personas. Victims might face years of reputational and financial damage as they attempt to recover from unauthorized transactions or credit fraud.

Rebuilding user confidence will be a major challenge for AIQLABS and for Poland’s digital finance industry as a whole. The breach has intensified scrutiny from regulators and the public, especially as trust remains a key factor in the adoption of online financial services.

Poland’s Office for Personal Data Protection (UODO) is expected to investigate whether AIQLABS adequately protected user data under the European Union’s General Data Protection Regulation (GDPR). If found negligent, the company could face significant financial penalties, in addition to the reputational fallout already unfolding.

Meanwhile, the government’s emphasis on tools like mObywatel and nationwide digital security awareness campaigns reflects a broader strategy to shield Polish citizens from the escalating cyber threat landscape.

The SuperGrosz cyberattack serves as a stark reminder of the vulnerability that comes with digital convenience. For Poland, a nation investing heavily in e-government and fintech innovation, this breach is both a warning and a test. Authorities and companies must now act decisively to protect citizens’ personal data and rebuild trust in the country’s digital future.

With investigations ongoing, thousands of Polish citizens remain on edge-watching to see how their government and financial institutions respond to one of the most serious data breaches in recent memory.

Please follow Blitz on Google News Channel