The Dutch National Police (Politie) has confirmed its network was breached and a threat actor accessed work-related contact details of Dutch police officers.
Officials say it is ‘highly likely a state actor is responsible’ for the attack, which saw officers’ phone numbers, full names, email addresses, and some private details of the 65,000 employees leaked, but it will still investigating the ‘nature, scope, and consequences of the data leak.’
The Chair of the Netherlands Police Union has called the hack ‘a nightmare’, saying it is the priority to ‘protect data, protect colleagues’. The agency confirms police are now required to use two-factor authentication to avoid further data loss.
Continuous monitoring
It’s not clear exactly how much data was compromised, and the Politie have not yet named the state it believes is behind the attack, but have confirmed it will not do so until all the details are collected and analyzed.
“Based on the intelligence services’ information, the police immediately implemented strong security measures to counter this attack. To prevent making the perpetrators more aware and to not jeopardize further investigation, no more information can be shared at this time.” the Politie confirmed in a statement.
This type of attack is becoming more common, as critical infrastructure is attacked more than ever. Since the start of the Russian invasion in Ukraine, Europe and allies of Ukraine have found themselves at the receiving end of cybercriminals looking to exfiltrate sensitive data.
Threat actors from around the world use critical infrastructure as a way to inflict maximum damage by leveraging information, installing malware, or crippling operations – leaving citizens without access to key services. It’s not yet clear what the motivations for this attack were, but it almost certainly won’t be the last of its kind.
Via BleepingComputer