Austria’s Federal Ministry of the Interior (BMI) has fallen victim to a targeted cyberattack, details of which emerged only several weeks after the incident. According to the ministry itself, hackers gained unauthorized access to its email servers, forcing a temporary restriction on external email communications.
Roughly 100 of the ministry’s 60,000 staff email accounts were affected. Officials emphasized that, under internal regulations, classified information is never transmitted via email, and all impacted users were notified directly. Systems showing traces of the attackers were isolated, external experts were brought in to assist with the investigation, and security measures were significantly reinforced.
Interior Minister Gerhard Karner assured the public that police operations and access to critical databases—including citizen registries and personal data—were not compromised, and that all core services remain operational. The ministry has already filed a complaint with the prosecutor’s office regarding unlawful access to its computer systems, with the investigation proceeding under an accelerated process. Technical details of the intrusion, including its vectors and methods, are being withheld so as not to jeopardize ongoing inquiries.
During the cleanup and restoration of infrastructure, disruptions persist, particularly in external communications and the distribution of press releases. Karner declined to speculate on who was behind the attack but noted that its signature resembled the work of state-backed or state-affiliated groups. The Directorate for State Security and Intelligence (DSN) was reportedly unaffected. State Secretary Jörg Leichtfried added that the attack was highly professional in nature and reflective of a trend of increasingly frequent incidents worldwide.
The opposition reacted sharply. FPÖ security spokesman Gernot Darmann described the breach as evidence of Karner’s failure in the realm of cybersecurity, reminding the public that Austria’s Foreign Ministry had already been struck by a major cyberattack in 2020. Darmann criticized the ministry for disclosing the breach only weeks after its occurrence, calling such delays unacceptable.
At present, analysts continue to examine the compromised systems while bolstering defenses. The BMI stated that if additional areas requiring investment or modernization are identified, the government will be compelled to take the necessary steps to strengthen Austria’s overall cyber resilience.
