Security Affairs
Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Dutch Ministry of Finance takes treasury systems offline amid cyber incident investigation

The Dutch Ministry of Finance took treasury banking portal offline after a cyberattack; core tax systems were not affected. The Dutch Ministry of Finance took parts of its infrastructure offline, including the treasury banking portal, after detecting a cyberattack two weeks earlier. The Dutch Ministry of Finance disclosed a cyberattack detected on March 19 after […]

Dutch police botnet

The Dutch Ministry of Finance took treasury banking portal offline after a cyberattack; core tax systems were not affected.

The Dutch Ministry of Finance took parts of its infrastructure offline, including the treasury banking portal, after detecting a cyberattack two weeks earlier.

The Dutch Ministry of Finance disclosed a cyberattack detected on March 19 after a third-party alert. Attackers breached some internal systems, the incident impacted a “portion of the employees”.

The security breach is currently under investigation. Authorities clarified that systems used to manage tax operations were not impacted, limiting the scope of disruption.

“The Ministry of Finance’s ICT security detected unauthorized access to systems for a number of primary processes within the policy department on Thursday, March 19.” reads the statement issued by Dutch Ministry of Finance. “Following the alert, an immediate investigation was launched, and access to these systems has been blocked as of today. This affects the work of a portion of the employees.”

The Ministry pointed out that services for citizens and businesses, including tax, customs, and benefits, remain unaffected.

“Services to citizens and businesses provided by the Tax and Customs Administration, Customs, and Benefits have not been affected.” continues the report.

The Dutch Ministry of Finance did not disclose technical details about the attack, and no cybercrime group has claimed responsibility so far.

In a statement to the Dutch House of Representatives, Minister of Finance Eelco Heinen said that, due to a forensic investigation, the Dutch Ministry of Finance has taken several systems offline, including the treasury banking portal, which has affected about 1,600 public entities that cannot access balances or key functions. Funds remain accessible and payments continue via normal channels, with essential services handled manually. Heinen added that enhanced security measures are in place, while investigations involve the NCSC, forensic experts, police, and the Data Protection Authority.

“Due to the ongoing forensic investigation and for security reasons, several systems have been temporarily taken offline, including the digital treasury banking portal. As a result, approximately 1,600 public institutions that hold funds with the Ministry of Finance are currently unable to view the balance of their treasury accounts digitally.” reads the statement. “Participants in treasury banking include ministries, agencies, legal entities with statutory tasks, educational institutions, social funds, and local governments. Additionally, it is temporarily not possible for participants to request loans, deposits, or credit, modify intraday limits, or generate reports via the portal.”

Participants retain full access to funds, and payments continue normally via standard banking channels, with essential services supported manually if needed. The duration of the disruption is still unknown. Enhanced security and monitoring are in place, while investigations involve the National Cyber Security Centre, forensic experts, police cybercrime units, and the Data Protection Authority.

In October 2024, the Dutch police blamed a state actor for the recent data breach that exposed officers’ contact details, the justice minister told lawmakers. The incident took place on September 26, 2024, and the police have reported the security breach to the Data Protection Authority.

Threat actors broke into a police system and gained access to work-related contact details of multiple officers. The attackers had access to names, emails, phone numbers, and some private information belonging to police officers.

Dutch intelligence agencies believe it is highly likely that a state actor was behind the data breach.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Dutch Ministry of Finance)