Hackers managed to break into the municipality of Almelo’s servers and steal some 20 gigabytes of data. The exact data stolen is unclear, though it is “almost certain” that personal information was among it, according to NU.nl.
According to Tubantia, the leak was reported to privacy watch dog Personal Data Authority. It is unclear who was behind the hack. The hackers seemed to gain access to the servers through systems of Werkplek Twente – a partnership between benefits agency UWV and the municipality of Twente aimed at finding work for people on disability.
How long the hackers had access to the system is unclear. The hack was discovered accidentally – the Almelo municipality does not monitor data traffic on a structural basis.
The municipality, in cooperation with the Information Service of the association of Dutch municipalities VNG, is investigating. Alderman Javier Cornelissen called the hack “terrible”, according to NU. He is also concerned that it may be too late to find out who broke into the servers and how they did it.
Almelo is not the first Dutch municipality to fall victim to a data breach. Last week it was announced that 140 thousand Utrecht residents’ personal information was accessible to more than the authorized officials. And in August unauthorized persons managed to gain access to personal information of some 3,700 Ede residents through the municipal site.