Data of every Dutch police officer compromised in suspected state-sponsored cyberattack
The Dutch National Police revealed a cyberattack that compromised the data of all police officers. Investigations to date suggest that a state-sponsored threat actor may be behind this cyberattack.
On Sunday (October 6), police revealed that the threat actors had exfiltrated the professional contact data of its entire police force, including names, email addresses and telephone numbers.
“I have spoken to many colleagues in recent days who have questions and concerns. Concerns that I share, because to be safe outside, you have to feel safe inside,” wrote Police Chief Janny Knol.
According to Europol, the Netherlands has a total of 65,000 employees, including 51,000 police officers and 14,000 employees “who perform other roles in support of police work.”
Initially, according to a September 26 letter to the Dutch House of Representatives from the Minister of Justice and Security, the incident did not result in any risk to personal data; However, the Dutch National Police have since said that while this is not the case in all cases, some of those affected also had “private information” stolen.
The Dutch National Police added that the stolen data belongs only to current officers and those who recently retired; however, some external partners, such as those working at the Judicial Council or the Public Prosecutor’s Office, could be in danger.
“If you resigned before July 24, 2024, your data was not involved in the hack,” it specifies.
“External people whose data could have been disclosed received an email. The organizations they are part of have also been informed.
Based on investigations to date, police said the hacker behind the breach was “most likely a state actor” but did not reveal who they suspected the culprit to be.
“Based on information provided by intelligence services, the police immediately implemented strict security measures against this attack,” added the Dutch National Police.
“In order not to make the perpetrators any wiser and not to harm the continuation of the investigation, we cannot say more at this time.”
Affected individuals have been advised to be on the lookout for subsequent access attempts, such as phishing emails, phone calls and other suspicious activities.