The Openbaar Ministerie (OM), the Netherlands' Public Prosecution Service, suffered a cyber attack exploiting vulnerabilities in Citrix devices, forcing a complete disconnection from the internet to prevent further intrusion. The breach disrupted critical operations, including court case processing, as external communications (emails, digital document transfers) were halted, reverting to manual, paper-based workflows (e.g., postal mail, physical paperwork for lawyers). The outage also disabled speed cameras nationwide fixed, average-speed, and portable units compromising road safety enforcement while only mobile-phone-detection cameras remained functional. The attack’s ripple effects delayed legal proceedings, increased administrative burdens, and created unintended public safety risks by neutralizing traffic monitoring systems. The NCSC and Dutch data regulators were notified, but system reactivation remains contingent on confirming the hackers’ expulsion, prolonging operational paralysis.
Source: https://www.bitdefender.com/en-us/blog/hotforsecurity/speed-cameras-knocked-out-after-cyber-attack
TPRM report: https://www.rankiteo.com/company/openbaar-ministerie
"id": "ope523082025",
"linkid": "openbaar-ministerie",
"type": "Cyber Attack",
"date": "8/2025",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of geographical region"{'affected_entities': [{'industry': 'Law Enforcement / Judicial',
'location': 'Netherlands',
'name': 'Openbaar Ministerie (OM) / Public Prosecution '
'Service',
'type': 'Government Agency'}],
'attack_vector': ['Exploitation of vulnerabilities in Citrix devices'],
'date_detected': '2023-07-17',
'description': "A security breach at the Netherlands' Public Prosecution "
'Service (Openbaar Ministerie, OM) led to the disconnection of '
'its systems from the internet, causing widespread operational '
'disruptions. This included the malfunctioning of speed '
'cameras (fixed, average speed checks, and portable units, '
'excluding mobile phone usage cameras), delays in court cases, '
'and a reversion to manual processes like paper-based '
'communications. The breach was linked to vulnerabilities in '
'Citrix devices, exploited by hackers to gain unauthorized '
'access. The incident highlights the cascading effects of '
'cyberattacks on interconnected public systems, including road '
'safety and judicial efficiency.',
'impact': {'brand_reputation_impact': ['Potential erosion of public trust in '
'judicial and road safety systems'],
'downtime': {'affected_services': ['Speed camera operations',
'External communications '
'(email, digital document '
'exchange)',
'Court case processing '
'timelines',
'Lawyer-case document handling '
'(reverted to paper/post)'],
'duration': None,
'end_date': None,
'start_date': '2023-07-17'},
'operational_impact': ['Speed cameras non-functional (road safety '
'risk)',
'Court cases delayed or stalled',
'Manual processes (printing, postal mail) '
'reinstated',
'Lawyers required to physically transport '
'case documents',
'Internal email only; no external digital '
'communication'],
'systems_affected': ['Public Prosecution Service (OM) IT systems',
'Fixed speed cameras',
'Average speed check cameras',
'Portable speed cameras (excluding mobile '
'phone usage cameras)',
'External communication systems (email, '
'internet)',
'Court case management systems']},
'initial_access_broker': {'entry_point': ['Citrix device vulnerabilities']},
'investigation_status': 'Ongoing (as of last report)',
'post_incident_analysis': {'root_causes': ['Exploitation of Citrix '
'vulnerabilities',
'Inadequate containment leading to '
'system-wide disconnection']},
'references': [{'source': 'Dutch media reports (unspecified)'},
{'source': 'Internal OM IT director memo'},
{'source': 'Statement by Marthyne Kunst (OM crisis team)'}],
'regulatory_compliance': {'regulatory_notifications': ['National '
'Cybersecurity Centre '
'(NCSC)',
'Dutch data protection '
'regulators']},
'response': {'communication_strategy': ['Internal memo warning about '
'reconnection risks',
'Media statements by crisis team '
'member Marthyne Kunst'],
'containment_measures': ['Disconnection of all systems from the '
'internet (July 17, 2023)',
'Internal email-only communication',
'Manual document handling (printing, '
'postal mail)'],
'incident_response_plan_activated': True,
'law_enforcement_notified': True,
'third_party_assistance': ['National Cybersecurity Centre '
'(NCSC)']},
'title': "Cyberattack on Netherlands' Public Prosecution Service (Openbaar "
'Ministerie) Disrupts Speed Cameras and Court Operations',
'type': ['Cyberattack', 'Data Breach', 'System Disruption'],
'vulnerability_exploited': ['Citrix device vulnerabilities (specific CVE not '
'disclosed)']}