Dutch Ministry of Finance Reports Breach Affecting Policy Department
Learn More
The Dutch Ministry of Finance (Ministerie van Financiën) reports a cybersecurity incident on March 23, 2026, involving unauthorized access to its internal infrastructure.
The breach was first detected on March 19, 2026, after a third-party alert triggered an internal investigation. The breach targeted systems within the ministry's policy department, disrupting the work of a portion of the staff.
After detection, the ministry immediately blocked access to the affected systems to contain the threat and prevent lateral movement. The organization is currently conducting a forensic analysis to determine how long the attackers remained undetected within the network.
The compromised data includes:
- Internal policy department records
- Employee work-related information
- Primary process system data
The nature of the attack and the number of affected individuals is not disclosed.
Officials confirmed that critical public-facing services, including the Tax and Customs Administration (Belastingdienst), Customs, and Benefits (Toeslagen), were not impacted by the breach. The ministry is working with national cybersecurity authorities to investigate the scope of the incident and has reported the matter to the relevant data protection regulators.
Update - due to this incident the Dutch Ministry of Finance took systems offline, including its treasury banking portal serving around 1,600 public institutions.
This breach occurs in the context of increasing cyber threats against the Netherlands, such as the 2024 state-actor attack on the Dutch police. The ministry has directed staff to follow internal security protocols while the investigation continues.
