The Dutch government has confirmed a large hack of its police database last week in which the work details of some 65,000 officers were stolen. It says the cyberattack is “most likely” to have been carried out by “a foreign government or foreign government agency”.
In a written briefing to MPs on Thursday, justice and security minister David van Weel revealed that the hackers had also stolen the data of some police “partners”, such as judges, public prosecutors, defence lawyers, probation officers and support staff.
The police union, NPB, described the cyberattack as “a nightmare” and said that although there was no indication of how the data might be used, there was “a lot of unrest” among officers, especially those working in sensitive areas such as narcotics or in undercover operations.
“The most important priorities now are to protect our officers and employees, to shield further data and to trace the source of the attack,” said the union’s spokewoman, Nine Kooiman. “The urgency of getting police data in order is already painfully clear.”
It was natural that officers would be worried for themselves and their families, Ms Kooiman added.
“Officers on the beat will be worried they’ll become victims of doxing, where personal information is put online to be shared with malicious intent.
“Others, such as ‘Romeos’ – plainclothes officers who mingle with demonstrators at protests, for instance – will be worried about harassment.”
Mr van Weel told parliament he was first briefed on the cyberattack by commissioner of police Janny Knol, who told him the work contact data of “the entire organisation” had been taken, although no investigations had been compromised.
[ Uber fined €290m in Netherlands for sending drivers’ data to the USOpens in new window ]
“There are certain groups to whom we are now giving special attention, including those who work under cover, but for security reasons this is not something we can elaborate on,” he told the MPs in his two-page briefing.
The minister noted that earlier this year both the secret intelligence service, AIVD, and military intelligence, MIVD, had been given the power to respond rapidly to aggressive cyberattacks and had immediately instructed the police on countermeasures in this case.
In February, the Dutch ministry of defence alleged that a “Chinese state actor” had placed malware on one of its isolated networks used for research and development.
In 2022, the security services also alleged that Russian state groups were hacking routers owned by private individuals or small and medium enterprises in the Netherlands, and using them to launch global attacks powered by thousands of hijacked devices.
Most notoriously, in 2018, the Dutch foiled a cyberattack on the headquarters of the Organisation for the Prohibition of Chemical Weapons in The Hague by four Russian military intelligence agents travelling as diplomats.
- Sign up for push alerts and have the best news, analysis and comment delivered directly to your phone
- Join The Irish Times on WhatsApp and stay up to date
- Listen to our Inside Politics podcast for the best political chat and analysis
