Russian Hackers Breached Polish Energy Infrastructure Using Default Credentials

The Polish government has accused a group of Russian-linked hackers of compromising energy infrastructure by exploiting default credentials (unchanged usernames and passwords). The incident, reported in January 2026, specifically targeted facilities in Poland. No operational impacts or disruptions were mentioned in the report. The security flaw exploited stemmed from negligence in basic cybersecurity practices.