Dutch National Police: Dutch Police discloses security breach after phishing attack

Dutch Police Confirm Phishing Attack with Limited Impact

The Dutch National Police (Politie) disclosed a security breach stemming from a successful phishing attack, confirming that the incident had a limited impact and did not compromise citizens' data or investigative information. The agency’s Security Operations Center detected the attack swiftly and blocked the attackers' access to compromised systems.

While the full scope of the breach remains under investigation, authorities stated that no sensitive citizen or operational data was exposed. A criminal investigation has been launched, though details including the timing of the attack, affected systems, and whether employee data was accessed have not been released. A police spokesperson did not immediately respond to requests for further information.

This incident follows a separate September 2024 data breach linked to a state-sponsored cyberattack, which resulted in the theft of work-related contact details for multiple officers, including names, email addresses, phone numbers, and, in some cases, private data. The ongoing investigation has not attributed the attack to a specific threat group or revealed the attack vector.

In response to the earlier breach, the Dutch police implemented enhanced security measures, including continuous system monitoring and mandatory two-factor authentication for officer logins. Additionally, in February 2024, Dutch authorities arrested a 40-year-old man for attempting to extort the police using confidential documents accidentally shared by the agency.

Source: https://www.bleepingcomputer.com/news/security/dutch-police-discloses-security-breach-after-phishing-attack/

Metropolitan Police cybersecurity rating report: https://www.rankiteo.com/company/metpoliceuk

"id": "MET1774599822",
"linkid": "metpoliceuk",
"type": "Breach",
"date": "3/2026",
"severity": "50",
"impact": "2",
"explanation": "Attack limited on finance or reputation"

{'affected_entities': [{'industry': 'Law Enforcement',
                        'location': 'Netherlands',
                        'name': 'Dutch National Police (Politie)',
                        'type': 'Government Agency'}],
 'attack_vector': 'Phishing',
 'description': 'The Dutch National Police (Politie) disclosed a security '
                'breach stemming from a successful phishing attack, confirming '
                'that the incident had a limited impact and did not compromise '
                "citizens' data or investigative information. The agency’s "
                'Security Operations Center detected the attack swiftly and '
                "blocked the attackers' access to compromised systems.",
 'impact': {'data_compromised': 'No sensitive citizen or operational data was '
                                'exposed'},
 'investigation_status': 'Ongoing',
 'post_incident_analysis': {'corrective_actions': 'Mandatory two-factor '
                                                  'authentication for officer '
                                                  'logins'},
 'references': [{'source': 'Cyber Incident Description'}],
 'response': {'containment_measures': "Attackers' access to compromised "
                                      'systems was blocked',
              'enhanced_monitoring': 'Continuous system monitoring implemented '
                                     'post-incident',
              'incident_response_plan_activated': 'Yes'},
 'title': 'Dutch Police Phishing Attack with Limited Impact',
 'type': 'Phishing Attack'}