NAM data leak: Earthquake victims' data shared with Ministry

At the end of 2020, the Dutch Petroleum Company (NAM) incorrectly shared the data of possibly thousands of residents of the Groningen earthquake area with the Ministry of Economic Affairs and Climate. The Ministry called it "quite a data breach," but a NAM spokesperson insists that "practically only public information" was leaked, NOS reports.

A spokesperson for NAM told NOS that the leak involved no names, telephone numbers, email addresses, or special personal data. According to him, the leak consisted of an excel file of Groningen residents who used the NAM's value depreciation scheme - the thousands of Groningen homeowners who accepted an offer from NAM between 2014 and 2020 because their homes had fallen in value due to the frequent fracking earthquakes.

Dagblad van het Noorden discovered the data leak in correspondence accessed through the Government Information (Public Access) Act (Wob). The Ministry had asked NAM for the files of a few residents "for research," according to the newspaper. An employee accidentally sent "a larger file than needed."

In March last year, NAM also reported an "extremely annoying leak" in that same database, according to RTV Noord. Then the data of 19,000 Groningen residents was leaked due to a hack. 122 people's privacy-sensitive information, like email addresses and telephone numbers, were stolen. NAM reported the leak to the Dutch Data Protection Authority and contacted the affected people to take measures.

NAM said it regrets the new incident but believes that there has been "no real risk to residents' privacy." It, therefore, did not report the leak to the Dutch Data Protection Authority.