Overview
- Dienst Justitiële Inrichtingen confirms a data leak and is investigating the cause, with a notification to the Autoriteit Persoonsgegevens and the NCSC informed.
- An Argos investigation reports intruders had at least five months of access and may still retain persistence in systems.
- Exposed items include employee email addresses, phone numbers and security certificates tied to corporate mobile phones, laptops and tablets.
- NCSC warns patching may not remove backdoors and advises wiping and reinstalling potentially compromised devices.
- The government says additional bodies were affected via Ivanti EPMM, including Dienst Terugkeer en Vertrek, the Justitiële ICT Organisatie, the medicines regulator CBG and one municipality.