The Dutch National Police recently blocked a phishing attack that targeted their systems, though they maintain that no citizen or investigative data was compromised. Security experts are currently conducting a criminal investigation to determine the full scope of the breach and whether any internal employee information was accessed.

The Dutch National Police confirmed they were targeted by a phishing attack that prompted an immediate response from their internal security operations center. Upon detecting the intrusion, officials quickly moved to block the attackers' access to the affected systems. While the agency is still investigating the specific details of the breach, they have emphasized that the impact appears to be limited and that sensitive citizen records remain secure.

This incident follows a previous security breach in September 2024, which was attributed to a state actor and resulted in the theft of contact information for various officers. During that earlier event, hackers managed to obtain names, email addresses, and phone numbers, leading the department to implement more rigorous security protocols. Those measures included increased monitoring of digital infrastructure and a more frequent requirement for officers to use two-factor authentication when logging into their accounts.

Despite the quick reaction to this latest phishing attempt, the police have not yet specified exactly when the attack occurred or if any staff members had their personal data exposed. A spokesperson did not provide immediate details regarding which specific accounts were compromised or how many employees might be affected. The lack of specific detail highlights the ongoing nature of the forensic investigation as experts work to trace the attackers' steps.

The department has also launched a criminal investigation into the matter to identify those responsible for the phishing campaign. This proactive legal stance reflects a broader effort by Dutch authorities to secure their networks against persistent cyber threats. Earlier this year, the police were involved in a separate case where an individual was arrested for attempting to extort the agency using confidential documents that had been shared by mistake.

While the police work to finalize their report on this recent event, they continue to monitor for suspicious activity across all platforms. The ongoing investigation into the nature and consequences of the leak aims to prevent similar vulnerabilities from being exploited in the future. For now, the agency maintains that its core investigative data and public records were not accessed during the breach.

Source: https://www.politie.nl/nieuws/2026/maart/25/00-politie-doelwit-van-phishing.html