On 19 March, the ministry detected the incident after the policy department’s internal systems were breached by an unauthorised user. They were made aware of the access through an alert by an unnamed third party.
Following the cyber incident, the treasury banking portal was taken offline, which restricted access to key functions, including accessing bank balances. This impacted roughly 1,600 entities, including agencies, educational institutions, local governments, social funds and ministries.
At this stage, while funds and payments can still be accessed, essential services are now being dealt with manually.
In a statement to the Dutch House of Representatives, Eelco Heinen, Minister of Finance, announced that the systems had been taken offline.
“Due to the ongoing forensic investigation and for security reasons, several systems have been temporarily taken offline, including the digital treasury banking portal. As a result, approximately 1,600 public institutions that hold funds with the Ministry of Finance are currently unable to view the balance of their treasury accounts digitally,” the statement said.
“Participants in treasury banking include ministries, agencies, legal entities with statutory tasks, educational institutions, social funds, and local governments. Additionally, it is temporarily not possible for participants to request loans, deposits, or credit, modify intraday limits, or generate reports via the portal.”
According to reports, the National Cyber Security Centre is assisting in investigations, and the Data Protection Authority has been notified of the incident.
At this stage, details of the incident have not been disclosed, and no threat actor has taken responsibility. However, Dutch authorities have said that it is highly likely that a state actor was to blame.
Want to see more stories from trusted news sources?Make Cyber Daily a preferred news source on Google.
