Foreign State Suspected in Theft of Dutch Police Officers' Data

The personal details of around 65,000 Dutch police employees have been stolen as part of a large-scale cyber incident. Dutch officials consider it “very likely” that a foreign state orchestrated that attack, implying the consequences could be far-reaching.

Dutch Justice Minister David van Weel disclosed the incident to parliament, confirming that threat actors exfiltrated sensitive data, including names, email addresses and job roles, from the compromised systems.

The Scope of the Breach

After infiltrating a police computer network, threat actors gained access to the contact details of every employee in the Dutch police force. The inclusion of undercover officers makes this security incident particularly alarming, as their exposure could lead to severe consequences in ongoing operations.

"There are certain groups that we are now paying particular attention to, including people who work undercover," van Weel said. However, the minister declined to provide further specifics of the investigation for security reasons.

Currently, there is no indication that perpetrators exfiltrated classified or investigative data during the attack.

Officials Suspect Foreign State Involvement

Investigations led by Dutch secret and security services indicate that the malicious campaign may have been orchestrated by a foreign state or actors working on behalf of one.

Although Dutch officials haven’t named any specific country, the cyber threats from countries like China, Russia, and Iran are growing.

The breach is part of a broader trend of state-sponsored cyberattacks against European government and law enforcement agencies. While Dutch police chief Janny Knol confirmed that the hackers had weaponized a compromised police account, the precise details of how the system was breached remain undisclosed.

Enhanced Security Protocols Enforced in Response to the Attack

Dutch authorities have implemented robust security protocols to mitigate further risks. Additionally, local authorities have issued security advisories to police staff, emphasizing the importance of remaining on the lookout for signs of suspicious activity, including compromised accounts, phishing emails, or unauthorized attempts to access devices.

The Dutch Police Union (NPB), whose members were directly impacted by the cyber attack, called the attack a “nightmare.”

According to a statement by NPB chairwoman Nine Kooiman, “shielding the data and protecting the employees” is currently the main priority.