Dutch police reveal data breach from phishing attack
▼ Summary
– The Dutch National Police experienced a limited-impact security breach due to a successful phishing attack, which did not expose citizens’ data or investigative information.
– Police security experts quickly detected the incident, blocked the attackers’ access, and have launched both an internal and a criminal investigation.
– The police have not disclosed when the attack was detected or if any employee data was exposed, and a spokesperson did not provide further details.
– This follows a separate September 2024 data breach linked to a state actor, which stole officers’ work contact information and is still under investigation.
– After the earlier breach, the police implemented stronger security measures, including enhanced system monitoring and more frequent two-factor authentication requirements.
The Dutch National Police has confirmed a recent security breach stemming from a phishing attack, though officials state the impact appears contained. According to a press release, the agency’s Security Operations Center identified the intrusion swiftly and terminated the attackers’ access to compromised systems. An internal investigation is ongoing, but preliminary findings indicate that citizens’ data and sensitive investigative information were not accessed or exposed. The police have also initiated a separate criminal probe into the incident.
Specific details, such as the exact detection date or whether any employee information was compromised, have not been publicly released. The agency has not responded to requests for further comment regarding which specific systems or accounts were targeted.
This latest incident follows another data breach disclosed by the Dutch police in September 2024. That earlier cyberattack, which authorities linked to a state actor, resulted in the theft of work-related contact details for numerous officers. The stolen information included names, email addresses, phone numbers, and in some instances, private personal data. An investigation into the full scope and consequences of that leak remains active, and police have not attributed it to a specific threat group or detailed the attack methodology.
In response to the 2024 breach, the police corps implemented enhanced security measures. These include continuous system monitoring for suspicious activity and mandating that officers use two-factor authentication more frequently to access their accounts. The separate arrest of a 40-year-old man in February, for attempting extortion using confidential police documents shared in error, underscores the ongoing challenges facing the organization.
(Source: BleepingComputer)