DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Nl: Three arrested in massive hacking, data theft and blackmail probe; One was a whitehat researcher

Posted on February 24, 2023 by Dissent

DutchNews.nl reports:

Amsterdam’s cyber crime police team has arrested three young men as part of a major investigation into hacking, data theft, blackmail and money laundering involving the private details of tens of millions of people.  The three, aged 21 and 18, were picked up on January 23 and two have been restricted to contact with their lawyers only, in the interests of the investigation, police said.

Read more at DutchNews.nl.

According to the police, the suspects are a 21-year-old man from Zandvoort (prime suspect), a 21-year-old man from Rotterdam, and an 18-year-old man of no fixed abode. The investigation was opened in March 2021 following a report of data theft and threats at a large Dutch company. The police state:

During the course of the investigation it has become clear that probably thousands of small and large companies and institutions, both national and international, have fallen victim to computer intrusion (hacking) in recent years and subsequently theft and handling of data. Tens of millions of privacy-sensitive personal data have fallen into the hands of criminals as a result of this theft and trade.

The suspects allegedly engaged in the types of extortion demands we have read about many times over the past years:

After illegally accessing the data on the systems of the affected companies, these companies receive a threatening message by email stating that they must pay in bitcoins. If a company does not pay, it threatens to destroy the company’s digital infrastructure or to make the data public. Many companies have felt compelled to pay in hopes of protecting their data. The total damage for companies runs into the many millions. As far as we know, the ransom demanded per company has risen to more than 100,000 euros, with a peak of more than 700,000 euros. Moreover, in many cases, the stolen data is still sold online, even though the affected companies have paid.

The entire police statement can be found here.

DutchNews.nl also noted that broadcaster NOS reported that one of the three suspects also worked for the data security organisation DIVD or Dutch Institute for Vulnerability Disclosure.  NOS reports:

In an internal Slack message, DIVD reports that there are “no indications” that the man has abused his access. “We immediately blocked him and denied him access to our systems,” writes the organization’s crisis manager. “We are just as shocked as everyone else,” says a DIVD spokesman.

In the internal message, the crisis manager describes the arrested hacker as a “nice colleague of whom we had no indications that he was involved in matters that conflict with our code of conduct.”

Comment: DataBreaches has reported on DIVD and its researchers a number of times over the past years. If this individual did not misuse access and abuse trust, well, that’s a relief, but obviously, DIVD will be considering how to prevent any such situations going forward. It would be a shame, though, if entities who can really benefit from their skills and help lose trust in them based on this situation.  Having collaborated with one of their team on a number of investigations into health data leaks over the past few years, and having read other work of theirs, my trust in them and respect for them is unwavering.

Update:  DIVD has issued the following statement:

On Thursday, February 23, at around 5:00 PM, news broke of the arrest of three young Dutch hackers in connection with a significant data theft and extortion case. One of them was an active volunteer for DIVD in the past year. We are deeply shocked by the facts that have come to light.

The mission of DIVD is to make the internet safer. The allegations against the volunteer are entirely at odds with this mission. It should be clear that we had no knowledge of any criminal activities by the volunteer, nor did we suspect he was involved in such activities.

As soon as we learned of his arrest, we formed a crisis team, blocking the volunteer’s account and denying him access to DIVD systems. Shortly after that, we launched an internal investigation to determine if DIVD knowledge or resources were used in violation of the DIVD code of conduct. No concrete evidence of such abuse was found. DIVD is not part of the police investigation, and they have not requested us for any data.

Volunteering for DIVD as a helpful hacker is never compatible with cybercrime. We have suspended the volunteer’s membership.

More than 100 volunteers are active as helpful hackers at DIVD. They have all endorsed our code of conduct. Anyone who violates this code is immediately suspended and is no longer welcome at DIVD. We have accomplished a great deal together over the past years, and we are very sorry that the actions of one volunteer have now cast a shadow on our work.

Category: Business SectorCommentaries and AnalysesHackNon-U.S.Of NoteOther

Post navigation

← Russian Malware Developer Arrested And Extradited To The United States
Au: The Good Guys warns of customer data leak →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Central Maine Healthcare tackles suspected cybersecurity issue; hospitals remain open
  • Cartier Data Breach: Luxury Retailer Warns Customers that Personal Data Was Exposed
  • Beyond the Pond Phish: Unraveling Lazarus Group’s Evolving Tactics
  • Akira doesn’t keep its promises to victims — SuspectFile
  • Fraudsters, murderers, students: who the GRU assembled a team of hacker provocateurs from and why it failed
  • Order of Psychologists of Lombardy fined 30,000 € for inadequate data security protection and detection following ransomware attack
  • Lower Merion School District says a data breach was caused by a computer glitch (1)
  • After $1 Million Ransom Demand, Virgin Islands Lottery Restores Operations Without Paying Hackers
  • Junior Defence Contractor Arrested For Leaking Indian Naval Secrets To Suspected Pakistani Spies
  • Mysterious leaker GangExposed outs Conti kingpins in massive ransomware data dump

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Stewart Baker vs. Orin Kerr on “The Digital Fourth Amendment”
  • Fears Grow Over ICE’s Reach Into Schools
  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • She Got an Abortion. So A Texas Cop Used 83,000 Cameras to Track Her Down.
  • Why AI May Be Listening In on Your Next Doctor’s Appointment
  • Watch out for activist judges trying to deprive us of our rights to safe reproductive healthcare
  • Nebraska Bans Minor Social Media Accounts Without Parental Consent

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.
Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report