The Dutch waste-processing company Omrin suffered a cyberattack executed by the Russian hacking group Qilin on October 12. The breach resulted in the theft of highly sensitive personal data, including names, addresses, and BSN numbers (Dutch citizen identification numbers) of all 940 residents of the municipality of Schiermonnikoog. Additionally, over 1,000 GB of data was exfiltrated, encompassing confidential meeting protocols and private employee information. The municipality confirmed that Omrin had no legitimate need to store BSN numbers for its operations, exacerbating the severity of the incident. On October 30, cybersecurity experts discovered that a file containing resident personal data, local business information, and homeowner details from Schiermonnikoog was compromised. Affected individuals are being notified in writing about potential risks, including identity theft and fraud. Authorities are collaborating to mitigate the fallout, though the long-term reputational, financial, and operational consequences for Omrin and the municipality remain significant. The attack underscores critical lapses in data governance and cybersecurity protocols, with law enforcement actively investigating the incident.
Source: https://mezha.net/eng/bukvy/russian-hackers-breach-omrin-steal-schiermonnikoog-residents-data/
TPRM report: https://www.rankiteo.com/company/omrin
"id": "omr2262822110525",
"linkid": "omrin",
"type": "Cyber Attack",
"date": "10/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '940 (all residents of '
'Schiermonnikoog municipality)',
'industry': 'Environmental Services',
'location': 'Netherlands',
'name': 'Omrin',
'type': 'waste-processing company'},
{'customers_affected': '940 residents',
'industry': 'Public Administration',
'location': 'Schiermonnikoog, Netherlands',
'name': 'Schiermonnikoog Municipality',
'type': 'local government'}],
'customer_advisories': 'Written notices to all 940 affected residents with '
'details on potential consequences.',
'data_breach': {'data_exfiltration': True,
'file_types_exposed': ['databases',
'documents (meeting protocols)',
'personal records'],
'number_of_records_exposed': '940 (residents) + unspecified '
'(employees/businesses)',
'personally_identifiable_information': ['full names',
'addresses',
'BSN numbers'],
'sensitivity_of_data': 'High (BSN numbers are highly '
'sensitive in the Netherlands)',
'type_of_data_compromised': ['personally identifiable '
'information (PII)',
'government-issued identifiers '
'(BSN)',
'confidential corporate data',
'employee records']},
'date_detected': '2023-10-30',
'date_publicly_disclosed': '2023-10-30',
'description': 'Russian hackers from the Qilin group gained unauthorized '
"access to Omrin's systems, stealing sensitive personal data "
'(including BSN numbers, names, and addresses) of all ~940 '
'residents of Schiermonnikoog municipality in the Netherlands. '
'Over 1,000 GB of data—including confidential meeting '
'protocols and employee information—was exfiltrated. Omrin had '
"no legitimate need to store residents' BSN numbers for its "
'operations.',
'impact': {'brand_reputation_impact': 'High (municipality and Omrin issued '
'public apologies; residents notified '
'via written notices)',
'data_compromised': ['BSN numbers',
'names',
'addresses',
'confidential meeting protocols',
'employee private information',
'local business data',
'homeowner data'],
'identity_theft_risk': 'High (BSN numbers exposed)'},
'initial_access_broker': {'high_value_targets': ['BSN numbers',
'municipal confidential '
'data']},
'investigation_status': 'Ongoing (law enforcement and cybersecurity experts '
'involved)',
'post_incident_analysis': {'root_causes': ['Unnecessary storage of BSN '
'numbers by Omrin',
'Inadequate data protection '
'measures']},
'ransomware': {'data_exfiltration': True},
'references': [{'source': 'nu.nl'},
{'date_accessed': '2023-10-30',
'source': 'Schiermonnikoog Municipality Notice'}],
'regulatory_compliance': {'regulations_violated': ['Likely GDPR (General Data '
'Protection Regulation) '
'due to unauthorized '
'processing/storage of BSN '
'numbers']},
'response': {'communication_strategy': ['written notices to affected '
'residents',
'public updates via municipality '
'webpage'],
'incident_response_plan_activated': True,
'law_enforcement_notified': True,
'third_party_assistance': ['cybersecurity specialists']},
'stakeholder_advisories': 'Residents advised via written notices; public '
'updates promised on municipality webpage.',
'threat_actor': 'Qilin (Russian hacking group)',
'title': 'Cyberattack on Omrin Waste-Processing Company by Qilin Hacking '
'Group',
'type': ['data breach', 'cyberattack', 'unauthorized access']}