Joost Schellevis reports (translated):
The private addresses and telephone numbers of potentially millions of Dutch people have fallen into the hands of criminals. They have been stolen from a company that provides car garages with ICT services. In addition to name and address details, it also concerns e-mail addresses, license plates, telephone numbers and dates of birth, according to research by the NOS. The data is offered for sale on a popular hacker forum.
The exact number of people affected by the leak is not known. According to the hacker who offers the data for sale, it concerns traceable data of 7.3 million people, but the same people can appear in the data breach several times. The e-mail address would be present in 2.5 million cases.
Read more on NOS.nl. The data appears to come from RDC.nl, who posted a statement on their site two hours ago. Translation:
After we were told yesterday that vehicle and personal data were for sale on the internet that could possibly come from RDC, we immediately started an investigation to find out what happened.
We have now brought in Fox-IT, an expert in the field of cyber security, to investigate with us how the data ended up outside our domain. We are also in contact with the police to report the crime.
As soon as we have concrete results from our research, we will let you know immediately.
h/t, @Chum1ng0