The National Cyber Security Authority informs the public that, on 25 March 2026, a cyber incident was identified affecting the information technology infrastructure of Albanian Post.
Based on the preliminary assessment, no encrypted or deleted data have been identified, and no service disruptions have been detected as a direct consequence of this incident.
Immediately upon receiving the notification, the Authority initiated all procedures предусмотрed under incident response protocols, establishing a dedicated working group composed of cybersecurity experts. This group promptly began its work in close coordination with the technical staff of Albanian Post, focusing on:
- conducting an in-depth analysis of the incident and verifying any potential compromise;
- identifying indicators of compromise (IOCs);
- analyzing logs and events across critical systems;
- isolating and securing systems to prevent any further impact.
As part of preventive measures and to enable a comprehensive technical analysis, some services were initially temporarily taken offline by Albanian Post, upon the recommendation of the Authority. Currently, all public services are operational.
Meanwhile, certain data suspected to have been exfiltrated have appeared in open sources and are currently being verified for authenticity and origin. At this stage, the volume of potentially exposed data is assessed to be limited.
The National Cyber Security Authority condemns any act that compromises critical information infrastructures and remains committed to ensuring the integrity, confidentiality, and availability of information technology systems in the Republic of Albania.
The Authority will continue to inform the public transparently on further developments and will publish a final report upon completion of the analysis.
For official information, citizens and media are advised to rely exclusively on the official communication channels of the National Cyber Security Authority.