Russian-affiliated hackers are suspected of carrying out a cyberattack that may have compromised Dutch criminal case records. The breach reportedly allowed the attackers to remain inside the Public Prosecution Service (OM) systems for weeks without detection.
Sources familiar with the matter told Dutch newspaper AD that there are strong signs pointing to hackers based in Russia as being responsible for the intrusion at OM.
The initial alert about OM’s vulnerable systems was issued on June 17, following the discovery of a serious flaw in Citrix's NetScaler software. This third-party tool, used by the department for remote access, was flagged with a critical 9.3 rating on the CVSS scale in a security advisory published the same day.
Dutch newspaper de Volkskrant reports that the Public Prosecution Service (OM) followed recommended system updates but suspects the NetScaler vulnerability had already been exploited prior to the fix. In response to the potential breach, OM disconnected its computers from the internet to block further unauthorized access.
According to early findings, the attackers may have had access to OM’s systems for several weeks. During that time, they could have viewed highly confidential data, including police investigations, legal case files, and personal information of OM employees.
At this stage, it is unclear exactly what data was obtained by the attackers.
This incident is part of a troubling pattern of Russian-affiliated hacking activity targeting the Netherlands. In May, Dutch intelligence agencies confirmed that Russian hackers were responsible for stealing personal information of tens of thousands of police officers.
A separate breach revealed in September 2024 showed that contact details for over 65,000 officers had been taken from an Exchange server through a "pass-the-cookie" technique. This method involves a threat actor impersonating a user by hijacking a stolen browser cookie.
Investigators believe the cookie was harvested using info-stealing malware, likely deployed by a third party, and later sold to hackers on underground marketplaces.
Found this article interesting? Follow us on X(Twitter) ,Threads and FaceBook to read more exclusive content we post.
