Cyber Incident Victim: University of Amsterdam

On or around February 17, 2021, the University of Amsterdam (UvA) and the Hogeschool van Amsterdam (HvA) experienced a cybersecurity incident involving unauthorized access to their ICT environments. The breach was identified by the institutions' Security and Operations Center, which detected that unknown third parties had infiltrated their systems. Both educational organizations implemented immediate containment measures, including disabling multiple ICT systems as a precautionary step to prevent further unauthorized activity. The primary objective of these actions was to minimize operational disruptions while safeguarding ongoing educational and research activities. No specific details were disclosed regarding the exact entry vectors used by the attackers or the duration of unauthorized access prior to detection.

The coordinated response focused on maintaining academic continuity despite system disruptions caused by the protective shutdowns. Neither institution released information about the scope of compromised data or whether student, staff, or research information was accessed or exfiltrated. Operational impacts included the temporary unavailability of disabled systems, though specific affected applications or services were not detailed publicly. Both universities emphasized their efforts to restore normal operations while investigating the incident, but did not disclose remediation timelines or whether law enforcement agencies were involved. The incident marked a significant operational challenge for Amsterdam's higher education sector, requiring resource reallocation to manage both cybersecurity containment and academic continuity obligations simultaneously.