Dutch Law Enforcement Data Breach

Infographic Threat Talks - Prevent, Pay or Insure
Listen to Threat Talks - Cybersecurity Podcast on Spotify
Listen to Threat Talks - Cybersecurity Podcast on YouTube
Listen to Threat Talks - Cybersecurity Podcast on Apple Podcasts
Listen to Threat Talks - Cybersecurity Podcast on Amazon Music

Dutch Law Enforcement Data Breach

Imagine the phone numbers of police officers, DAs, and even critical key witnesses being hacked and leaked to the public.

This isn’t the opening to some spy novel – it’s what actually happened when the Dutch Law Enforcement suffered a serious data breach in September of this year.

Initially reported as a breach ‘only’ involving personal data of 65.000 law enforcement employees, it later became clear that much more data was leaked, and not just data from law enforcement personnel.

In this Deep Dive, host Lieuwe Jan Koning, Security Expert Jeroen Scheerder and Field CTO Rob Maas take an in-depth look at how this breach unfolded, the poor security track record of the software that was used and what the Dutch Law Enforcement could’ve done better when it comes to handling the publicity of a data breach. 

 

Explore the Hack’s Route in Detail

Find a complete overview of the Conti Attack and other attacks featured in Prevent, Pay or Insure.

Your cybersecurity experts

Lieuwe Jan Koning, Co-Founder and CTO, ON2IT

Lieuwe Jan Koning

Co-Founder and CTO, ON2IT Group

Jeroen Scheerder, ON2IT

Jeroen Scheerder

Security Architect, ON2IT

Rob Maas, Field CTO, ON2IT

Rob Maas

Field CTO, ON2IT

Episode details

On September 27th 2024, news broke about Dutch law enforcement suffering a data breach, initially reported (downplayed) as involving ‘only’ personal data of 65.000 law enforcement employees (name, email, function).

Later it became clear more personal data was leaked. Former employees as well as ‘partners’, e.g. other parties communicating with law enforcement employees, turned out to have been disclosed (‘leaked’) as well. Software with an extremely poor security track record (Outlook) was involved. 

As news of this data breach spread, the Dutch Law Enforcement did three things that are ill-advised when responding to a data breach: they blamed a scapegoat, downplayed what happened, and (allegedly falsely) claimed that this was a very sophisticated attack.

Curious what really happened and what how they could’ve handled this situation better?

     

    Enter the dynamic world of cybersecurity

    Subscribe to our channels, and stay on to it!

    Infographic Threat Talks - Prevent, Pay or Insure
    Listen to Threat Talks - Cybersecurity Podcast on Spotify
    Listen to Threat Talks - Cybersecurity Podcast on YouTube
    Listen to Threat Talks - Cybersecurity Podcast on Apple Podcasts
    Listen to Threat Talks - Cybersecurity Podcast on Amazon Music