cybercrime

The data of 80 thousand Transavia passengers leaked out after an e-mail inbox containing the data was breached, the Dutch low-cost flyer said on Monday. The data that was released includes passengers’ full names, date of birth, flight information, booking number, luggage purchase, and additionally requested services like wheelchair assistance.

The KLM subsidiary said the data was in a file in the mailbox, but it did not say why the years-old passenger information was being kept that way.

Companies and institutions reported nearly 27 thousand data breaches to the Dutch Data Protection Authority last year, an increase of 29 percent compared to 2018. Most of the leaks came from companies in the financial sector. The number of data leaks due to cyber attacks also increased, especially in the case of ransomware, NOS reports.

"We are seeing a huge increase in data breaches," Monique Verdier of the Dutch Data Protection Authority said to the broadcaster. "Last year we also saw a quarter more reports of attacks such as ransomware." 

The Rijksmuseum Twenthe lost nearly 3 million euros to cyber criminals while trying to buy a painting from a London art dealer, museum director Arnoud Odding confirmed to NOS after reports by news agency Bloomberg. The case is still in court.

The police arrested a 22-year-old man from Arnhem on Wednesday on suspicion of offering about 12 billion stolen usernames names and passwords for sale on website WeLeakInfo. The arrest was made as part of a joint investigation by the Dutch police, the United Kingdom's National Crime Agency, the United States' FBI, and Germany's Bundeskriminalamt.

The amount of damage caused by phishing scams is on the rise, according to figures from the Dutch Payments Association and the Dutch Banking Association. In the first half of this year, Netherlands residents lost 3.1 million euros to phishing scams, compared to 2.4 million euros in the second half of last year. Banks compensate this damage in most cases, NOS reports.

The account details of the 250 thousand users of Dutch website Hookers.nl have leaked out after a vulnerability on the website was exploited. A hacker captured the members' data and is offering it for sale, NOS reports based on its own research after an anonymous tip. The website is popular among clients of sex workers, who exchange tips, reviews and experiences in the sex industry. 

The problem extends beyond clients of sex workers. Sex workers themselves are also active on the website. They also may want to not be known as a sex worker with their real names. 

Online platform No More Ransom, launched by the Dutch police, helped at least 300 Dutch people get rid of ransomware on their computers in the three years of its existence. Over 2.5 million people worldwide have consulted the platform, the police said in a statement on Thursday. 

Last year 8.5 percent of Dutch internet users aged 12 years or older fell victim to cybercrime. That amounts to 1.2 million Dutch victims, Statistics Netherlands reported on Wednesday based on a study performed in collaboration with the police. Young people fell victim most often. And the most common type of cyber crime was crime against property - crime in which the perpetrator stole money from the victim, according to the stats office.

The Dutch police are concerned about an increasingly popular development in cybercrime, which the police refer to as cybercrime-as-service. Criminals can now buy cyber attacks easily, cheaply and at any time of day or night, the police said in a statement.

The police took down 10 fake online stores which were made to look like English versions of real Dutch stores on Tuesday. Two suspects, a 40-year-old man from Leeuwarden and a 21-year-old man from Groningen, were arrested.

These English-language sites looked like the websites of real Dutch stores, with web addresses that were very similar to those of recognized stores with a Chamber of Commerce registration. Visitors bought products like milk powder, energy drinks, shampoo, deodorant and alcohol. After payment, the products were never delivered.

This year 11 young hackers between the ages of 12 and 23 were sent to intern at an IT company as part of their punishment. This forms part of the police and Public Prosecutor's experimental program Hack_Right, which aims to get these first offenders back on the right path.