Law enforcement authorities in the Netherlands have arrested two alleged individuals belonging to a Dutch cybercriminal collective who were involved in developing, selling, and renting sophisticated phishing frameworks to other threat actors in what's known as a "Fraud-as-a-Service" operation. Believed to be active since at least 2020, the cybercriminal syndicate has been codenamed "Fraud Family" by cybersecurity firm Group-IB. The frameworks come with phishing kits, tools designed to steal information, and web panels, which allow the fraudsters to interact with the actual phishing site in real time and retrieve the stolen user data.
Authorities in the Netherlands have arrested a 24-year-old believed to be a developer of phishing frameworks for a cybercrime ring named "Fraud Family." According to the Dutch National Police, the man worked together with a 15-year-old accomplice to develop and sell phishing panels that allowed cybercriminals to steal banking credentials from unsuspecting users.
A Dutch consumer group is launching a 1.5 billion euro claim against TikTok over what it alleges is unlawful harvesting of personal data from users of the popular video sharing platform. The Consumentenbond and a foundation called Take Back Your Privacy demanded Thursday that TikTok pay damages to 1.2 million to 1.6 million Dutch children who use the app.
The Dutch government has temporarily disabled its coronavirus warning app amid data privacy concerns for people who have the app installed on phones using the Android operating system. Health Minister Hugo de Jonge announced late Wednesday that the CoronaMelder app will stop sending warnings for 48 hours while the government checks if users' data is secure.
A ransomware attack against conditioned warehousing and transportation provider Bakker Logistiek has caused a cheese shortage in Dutch supermarkets. Bakker Logistiek is one of the largest logistics services providers in the Netherlands, offering air-conditioned warehousing and food transportation for Dutch supermarkets.
The Netherlands Data Protection Authority has fined Booking.com €475,000 for notifying it too late that criminals had accessed the data of 4,109 people who booked a hotel room via the website. They then gained access to data including users' names, addresses, telephone numbers, and details about their booking.
The Dutch Data Protection Authority announced on Wednesday that it has issued a fine of €475,000 to online travel agency Booking.com for failing to report a data security incident within the required timeframe. According to the privacy watchdog, the incident took place in December 2018 and it involved cybercriminals using voice phishing and social engineering to trick the employees of 40 hotels in the United Arab Emirates into handing over their credentials for their Booking.com accounts.
A Dutch government report identifying "10 high data protection risks" for users of Google Workspace, formerly known as G Suite, has been revised after Google's response, and now says eight high risk issues still remain. Despite the name, this is not an offshoot of Google's Redmond-based rival, but a government department which manages vendor relations with the company, and which undertook to assess the risks of deploying Google Workspace instead of Office 365, in a process called a DPIA. It has conducted similar studies into privacy risks with Microsoft's services.
The recent cyberattack that forced the Dutch Research Council to take its servers offline and suspend grant allocation processes was caused by the DoppelPaymer ransomware gang. Since NWO does not cooperate with cybercriminals, DoppelPaymer published proof of the stolen internal data on their leak site.
The Dutch Police have begun posting warnings on Russian and English-speaking hacker forums not to commit cybercrime as law enforcement is watching their activity. Since the conclusion of Operation LadyBird, law enforcement's disruption of the Emotet botnet, the Dutch Police state that they are creating forum accounts on hacker forums to warn hackers that they are watching them publicly.