Security Incident Notice

On 8 June 2026, our security monitoring systems detected unauthorised access to the business email account of one of our employees. The account was compromised as a result of a phishing attack involving the theft of login credentials.

We responded immediately. After the incident was detected, the mailbox was promptly blocked, the login credentials were reset, and the unauthorised person’s access was cut off. We initiated our internal incident response procedure and are conducting a detailed analysis of the scope of the incident, as well as a full audit of the security architecture of our email system.

The incident concerned a single email account. We have determined whether and what data may have been disclosed. Individuals whose data may have been affected by the incident have been, or will be, informed directly and provided with specific recommendations.

We promptly reported the matter to the competent authorities — the Police, the Personal Data Protection Office and CERT — in accordance with applicable regulations. We are also strengthening our email security measures and conducting anti-phishing training for our team.

We ask you to remain vigilant. If you have recently received an unusual message from us — for example, requesting an urgent payment, a change of bank account number, or asking you to click on a link — please do not act on it and contact us by telephone using a number already known to you.

We treat data security as a priority. We apologise for the situation and thank you for your trust.

Contact regarding the incident: biuro@mta.com.pl