Dutch companies vulnerable after Microsoft leak

Many Dutch companies are still vulnerable to cyber attacks and hackers after a leak in the Microsoft Exchange email servers discovered in April, cybersecurity company Secutec Nederland told BNR.

Since Microsoft announced the leak in April, three security patches were rolled out. But many companies haven't installed them yet and are therefore still vulnerable. So far Secutec Nederland found around 2,300 companies who haven't installed these patches yet, director Martijn van Lom said to the broadcaster. "The scan is ongoing, so the number could rise further."

Secutec also investigated the vulnerability itself and found that it is "actively being exploited". So companies who use Microsoft Exchange and haven't installed the security updates are at real risk.

"It's pretty easy to fix just by running the patch. We've got the information on that in order. But many companies depend on their IT partner. If they don't have things in order, then you can get away with it," Van Lom said.

He added that the thousands of companies who haven't installed the patches yet show that "it is apparently still necessary to warn companies about this".