Cyber Incident Victim: Artis

On June 28, 2022, ARTIS, a cultural institution in the Netherlands, publicly disclosed it had been targeted in a cyberattack. The organization took immediate containment measures by proactively shutting down affected systems to prevent further spread of the incident across its network. This action disrupted multiple operational services, including online ticket sales through the ARTIS webshop and general access to its primary website. Internal IT systems experienced significant impairment, limiting administrative functions and communications. Public-facing telephone services were also impacted, reducing the institution’s capacity to handle visitor inquiries. The attack caused widespread technical outages but did not compromise physical animal welfare systems or on-site visitor safety protocols. ARTIS prioritized isolating critical infrastructure while assessing the scope of the compromise.

ARTIS formally reported the incident to relevant Dutch authorities and initiated a forensic investigation with external cybersecurity experts to determine the attack’s origin and methodology. Restoration efforts focused on gradually reactivating systems only after confirming their security, with priority given to restoring public booking capabilities and communication channels. The institution maintained transparency through limited public updates via alternative platforms but could not provide estimated recovery timelines during the initial response phase. Operational disruptions persisted for an unspecified duration following the attack, affecting visitor access to digital services. No evidence of data exfiltration or ransomware demands was disclosed in the immediate aftermath. Business continuity protocols remained activated throughout the recovery process to minimize institutional impact.