Security News

The Dutch Data Protection Authority announced on Wednesday that it has issued a fine of €475,000 to online travel agency Booking.com for failing to report a data security incident within the required timeframe. According to the privacy watchdog, the incident took place in December 2018 and it involved cybercriminals using voice phishing and social engineering to trick the employees of 40 hotels in the United Arab Emirates into handing over their credentials for their Booking.com accounts.

A Dutch government report identifying "10 high data protection risks" for users of Google Workspace, formerly known as G Suite, has been revised after Google's response, and now says eight high risk issues still remain. Despite the name, this is not an offshoot of Google's Redmond-based rival, but a government department which manages vendor relations with the company, and which undertook to assess the risks of deploying Google Workspace instead of Office 365, in a process called a DPIA. It has conducted similar studies into privacy risks with Microsoft's services.

The recent cyberattack that forced the Dutch Research Council to take its servers offline and suspend grant allocation processes was caused by the DoppelPaymer ransomware gang. Since NWO does not cooperate with cybercriminals, DoppelPaymer published proof of the stolen internal data on their leak site.

The Dutch Police have begun posting warnings on Russian and English-speaking hacker forums not to commit cybercrime as law enforcement is watching their activity. Since the conclusion of Operation LadyBird, law enforcement's disruption of the Emotet botnet, the Dutch Police state that they are creating forum accounts on hacker forums to warn hackers that they are watching them publicly.

Servers belonging to the Dutch Research Council have been compromised, forcing the organization to make its network unavailable and suspend subsidy allocation for the foreseeable future. The NWO is tasked with investing in research and research infrastructure to increase quality and innovation in science.

Dutch police have arrested two individuals on Friday for allegedly selling data from the Dutch health ministry's COVID-19 systems on the criminal underground. According to Verlaan, the two suspects worked in DDG call centers, where they had access to official Dutch government COVID-19 systems and databases.

Gevers shared screenshots of the user-side of the account with the Dutch press to prove he had gained access and may have used the account access to tweet a link to a satirical website as the President. Skeptical it would have been that easy to get into such an influential and safeguarded Twitter account with 88 million followers, everyone refused to accept it had happened.

Dutch prosecutors Wednesday said a man had cracked US President Donald Trump's Twitter account in October despite denials from Washington and the company, but added that the so-called "Ethical hacker" would not face charges. Both the White House and Twitter have strenuously denied reports that the account had been hacked.

Donald Trump's Twitter password was easily guessed, and he still isn't using multi-factor authentication, claims a Dutch hacker who on Thursday bragged he broke into the President's account last week. Twitter was having none of it, though: the password guessing nor the link posting.

Three "Grumpy old hackers" in the Netherlands managed to access Donald Trump's Twitter account in 2016 by extracting his password from the 2012 Linkedin hack. The pseudonymous, middle-aged chaps, named only as Edwin, Mattijs and Victor, told reporters they had lifted Trump's particulars from a database that was being passed about hackers, and tried it on his account.