Polski Standard Płatności (BLIK)

Polski Standard Płatności, operator of BLIK, Poland’s dominant mobile payment system, faced a DDoS (Distributed Denial of Service) attack that disrupted payment processing and caused intermittent transaction failures. The attack overwhelmed BLIK’s infrastructure, rendering services temporarily unavailable and affecting millions of users who rely on the platform for daily transactions. Although the system was restored by 6:30 PM on the day of the incident, the outage created financial inconvenience for customers, merchants, and banks, given BLIK’s role in processing 2.4 billion transactions worth PLN 347 billion (EUR 81.5 billion) in 2024 alone. The attack also targeted Poland’s broader settlement infrastructure, as confirmed by Deputy PM Krzysztof Gawkowski, indicating a coordinated effort to destabilize the country’s digital payment ecosystem. Though no data breach or permanent financial loss was reported, the disruption undermined trust in the system’s reliability, risked reputational damage, and highlighted vulnerabilities in critical financial infrastructure. A similar attack had occurred just days prior, suggesting a persistent threat.

Source: https://www.polskieradio.pl/395/7786/Artykul/3602740,polish-payment-system-hit-by-cyberattack

TPRM report: https://www.rankiteo.com/company/blik-payments

"id": "bli4002140110425",
"linkid": "blik-payments",
"type": "Cyber Attack",
"date": "6/2024",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"
{'affected_entities': [{'customers_affected': 'All Blik users (exact number '
                                              'unspecified)',
                        'industry': 'Financial Services / Payments',
                        'location': 'Poland',
                        'name': 'Blik (Polski Standard Płatności)',
                        'size': 'Large (2.4 billion transactions in 2024, PLN '
                                '347 billion in value)',
                        'type': 'Mobile Payment System Operator'},
                       {'industry': 'Financial Services',
                        'location': 'Poland',
                        'name': 'Polish Settlement Infrastructure',
                        'type': 'National Payment Infrastructure'}],
 'attack_vector': 'Volumetric DDoS (traffic flood from multiple sources)',
 'customer_advisories': ['Users notified via X/Facebook about transaction '
                         'issues and resolution',
                         'Guidance for users with pending transactions'],
 'date_detected': '2025-11-03',
 'date_publicly_disclosed': '2025-11-03',
 'date_resolved': '2025-11-03T18:30:00',
 'description': 'Blik, Poland’s leading mobile payment system operated by '
                'Polski Standard Płatności, experienced intermittent '
                'disruptions due to a DDoS (Distributed Denial of Service) '
                'attack. The attack overwhelmed servers, causing temporary '
                'unavailability of payment processing services. Normal '
                'operations were restored by 6:30 p.m. on the day of the '
                'incident. A similar attack had also disrupted services on the '
                'prior Saturday. The Polish government confirmed that the '
                'attack targeted the country’s settlement infrastructure, '
                'affecting multiple payment systems.',
 'impact': {'brand_reputation_impact': 'Moderate (public disclosure of '
                                       'repeated attacks may erode trust)',
            'customer_complaints': 'Likely (mentioned in social media updates '
                                   'about pending transactions)',
            'downtime': 'Several hours (intermittent, resolved by 18:30)',
            'operational_impact': 'Temporary disruption of payment '
                                  'transactions; users unable to complete '
                                  'transactions during the attack.',
            'systems_affected': ['Blik payment processing infrastructure',
                                 'Polish settlement infrastructure']},
 'initial_access_broker': {'high_value_targets': ['Payment processing servers',
                                                  'Settlement infrastructure']},
 'investigation_status': 'Ongoing (implied by monitoring and government '
                         'statements)',
 'post_incident_analysis': {'corrective_actions': ['Enhanced monitoring',
                                                   'Infrastructure security '
                                                   'improvements (implied)']},
 'references': [{'date_accessed': '2025-11-03',
                 'source': 'Polish Press Agency (PAP)'},
                {'date_accessed': '2025-11-03',
                 'source': 'Blik Official X (Twitter) Account (@BLIKmobile)',
                 'url': 'https://twitter.com/BLIKmobile/status/[redacted]'}],
 'response': {'communication_strategy': ['Public announcements on X (Twitter) '
                                         'and Facebook',
                                         'Real-time updates on service status'],
              'containment_measures': ['Traffic filtering',
                                       'Infrastructure hardening'],
              'enhanced_monitoring': 'Yes (post-incident continuous '
                                     'monitoring)',
              'incident_response_plan_activated': 'Yes (implied by restoration '
                                                  'efforts and monitoring)',
              'on_demand_scrubbing_services': 'Likely (implied by '
                                              "'infrastructure secured')",
              'recovery_measures': ['System restoration',
                                    'Continuous monitoring']},
 'stakeholder_advisories': ['Public updates via social media',
                            'Government statement by Deputy PM Krzysztof '
                            'Gawkowski'],
 'title': 'DDoS Attack Disrupts Blik Mobile Payment Services in Poland',
 'type': ['DDoS (Distributed Denial of Service)', 'Availability Attack']}