Cyber Incident Victim: Netherlands

On July 27, 2022, a cyberattack targeted the software provider servicing five municipalities in the Dutch province of Limburg: Eijsden-Margraten, Gulpen-Wittem, Kerkrade, Meerssen, and Vaals. The attack disrupted access to critical municipal data systems, rendering information related to welfare benefits, youth care services, social support provisions under the Wet maatschappelijke ondersteuning (Wmo), and energy subsidies temporarily inaccessible. Municipal operations relying on these systems were partially interrupted, specifically impacting administrative functions such as processing or updating records. However, frontline citizen services remained largely operational, with residents still able to request assistance via phone or email for urgent matters like welfare payments. No evidence indicated data exfiltration or theft during the incident, according to official statements from the affected municipalities.

Immediate response measures included engaging a specialized cybersecurity firm to investigate the compromised systems following the attack’s detection. The investigation confirmed the integrity of the systems was restored, enabling safe reactivation without further disruption. Municipal representatives emphasized that no ransom payments were made to attackers throughout the incident. Administrative backlogs caused by the system outage were addressed through post-recovery data entry efforts, ensuring continuity in public service delivery. The municipalities reported no direct adverse effects on residents during or after the incident, attributing this outcome to contingency measures that maintained essential communications channels while technical remediation occurred.