The Polish government accused a Russian government hacking group of hacking into energy facilities taking advantage of default usernames and passwords.

TechCrunch (TC) is a leading technology news and media site that covers the latest trends, startups, and innovations in the tech industry. With breaking news,  analysis, and expert commentary, TechCrunch provides  insights into the world of technology and entrepreneurship. Developers can learn about emerging technologies, funding opportunities, and market trends by following TechCrunch's coverage of the tech industry.

TechCrunch

Russian government hackers breached Poland's energy grid infrastructure in December 2025, exploiting default credentials and lack of multi-factor authentication at wind farms, solar farms, and a heat-and-power plant. The attackers deployed wiper malware to destroy systems, successfully disabling monitoring and control systems at renewable energy facilities, though power stability was never threatened. Poland's CERT attributes the attack to Berserk Bear, while cybersecurity firms ESET and Dragos point to Sandworm, a group with a history of targeting Ukrainian power infrastructure.

Russian hackers breached Polish power grid thanks to bad security, report says