The NWO, a prominent research body in the Netherlands, faced a severe ransomware attack in February 2021. The DoppelPaymer ransomware forced the council to shut down its grant application system, leading to approximately €4.5 million in damages. The attackers exfiltrated sensitive documents and published them on the dark web after the NWO refused to pay the ransom. The incident disrupted the council's operations significantly.
TPRM report: https://scoringcyber.rankiteo.com/company/nwo
"id": "nwo922051325",
"linkid": "nwo",
"type": "Ransomware",
"date": "5/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'industry': 'Research',
'location': 'Netherlands',
'name': 'NWO (Netherlands Organisation for Scientific '
'Research)',
'type': 'Research Body'}],
'data_breach': {'data_exfiltration': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Sensitive documents'},
'date_detected': 'February 2021',
'description': 'The NWO, a prominent research body in the Netherlands, faced '
'a severe ransomware attack in February 2021. The DoppelPaymer '
'ransomware forced the council to shut down its grant '
'application system, leading to approximately €4.5 million in '
'damages. The attackers exfiltrated sensitive documents and '
'published them on the dark web after the NWO refused to pay '
"the ransom. The incident disrupted the council's operations "
'significantly.',
'impact': {'data_compromised': 'Sensitive documents',
'financial_loss': '€4.5 million',
'operational_impact': 'Significant disruption',
'systems_affected': ['Grant application system']},
'initial_access_broker': {'data_sold_on_dark_web': 'Yes'},
'motivation': 'Financial Gain',
'ransomware': {'data_exfiltration': 'Yes',
'ransom_paid': 'No',
'ransomware_strain': 'DoppelPaymer'},
'title': 'NWO Ransomware Attack',
'type': 'Ransomware'}