“The National System works properly. The KSEF is monitored on an ongoing basis, and the data from the invoices issued are safe.” It was emphasized that the data within the National System of e-Invoices and communication are encrypted.
You can read more information from Poland on the home page
Cyber attack on eInvoices? Ministry of Finance: So far, no data leakage has been reported
“The authorization in the system is secured at the highest available levels. Authentication assumes the security of the qualified certificate system, trusted signature and additional cryptography mechanisms based on symmetric and asymmetric keys. So far, no cases have been reported” – emphasizes the Ministry of Finance.
The ministry also adds that in order to ensure the safety of business transactions, the necessity to have certain authorizations to use the National System of e-Invoices and the requirement of authentication and authorization in the context of a given entrepreneur were introduced.
Niebezpiecznik.pl: Government eInvoice website hacked twice
As Niebezpiecznik.pl reported on Tuesday, an unknown hacker took over the account of one of the employees of the government eFaktura website and, using this account, published or replaced information in several languages, e.g. about free websites for adults. Using this employee’s account, the hacker added nearly 700 entries.
Then it turned out that the government portal eInvoice was also hacked by hackers from Indonesia. This cyber attack took place on September 14. “Bjorka is a hacker who hacked the Indonesian government (and made their data public). In his Twitter profile, he had the location set to Warsaw, which does not mean that he is actually Polish, but as you can see, the Indonesians did not penetrate it too much” – explains Niebezpiecznik .pl.
“Everything looks like a typical SEO back office, that is, the use of a hijacked website for positioning third-party websites” – we read.
On Tuesday, the government announced that access to eInvoices will be temporarily disabled. “We know about the security incident on the website of the Ministry of Development and Technology. Access to the eInvoicing website will be temporarily disabled. After completing the activities, we will publish a report on this matter” – we read in the Twitter post.