Cyber Incident Victim: ROC Mondriaan

ROC Mondriaan, a vocational education institution in The Hague, experienced a disruptive cyber attack during the weekend of August 21, 2021, that crippled its computer systems. The attack rendered all systems inoperable, preventing employees and students from accessing files or digital resources essential for academic and administrative operations. The institution immediately initiated emergency protocols upon discovering the breach, prioritizing system restoration efforts ahead of the approaching academic week. By August 22, ROC Mondriaan publicly confirmed the cyber attack through CrimeInfo.nl reports, though operational disruptions persisted across the organization. The technical outage created immediate logistical challenges for the MBO (middle-level applied education) institution, which serves numerous students across multiple campuses.

In response to the incident, ROC Mondriaan launched a forensic investigation to assess the attack's scope and preserve digital evidence, engaging external cybersecurity experts to assist with both the investigation and recovery efforts. The institution aimed to restore systems "as safely and quickly as responsible" but maintained system access restrictions through at least August 24 to prevent further compromise. Concurrently, ROC Mondriaan formally reported the data breach to the Dutch Data Protection Authority (Autoriteit Persoonsgegevens), acknowledging potential unauthorized access to personal information or sensitive institutional data. While media outlets speculated about ransomware involvement due to the system-wide encryption-like symptoms, the institution's spokesperson declined to confirm any specific attack methodology to RTL Nieuws. The sustained IT outage forced continued operational adjustments as recovery work extended through the week following the initial compromise.