The Dutch Public Prosecution Service (part of the Department of Justice) is gradually resuming internet connections after going offline on July 17. The Public Prosecution Service also confirms that “some Citrix systems have been compromised, which means that these systems have been exposed to unauthorized access.”
Based on technical investigation into the IT breach, it has been established that vulnerabilities in the system were indeed exploited. However, there are no indications of manipulation or theft of data. The recovery process is being carried out in phases and under strict conditions. “Based on the results of the investigation and the advice of external experts, the Board believes that a phased and controlled go-live can now take place in a responsible manner,” the Public Prosecution Service said.
The Board of Procurators General decided on Monday to return to online working in a controlled manner after technical analysis confirmed that vulnerabilities in the system had been exploited. To date, no indications have been found that criminal or other data has been removed or manipulated.
The Public Prosecution Service is continuously monitoring the IT environment for suspicious activity so that immediate action can be taken if necessary. This is a drastic but necessary security protocol given the sensitivity of the systems involved.
Phased return under strict conditions
The new online phase will proceed in stages. Email for Public Prosecution Service employees will be restored first, followed by other functionalities that are relevant to the legal process. This order is essential because missing digital information must be entered systematically—for example, a conviction can only be registered after an arrest has been recorded.
On July 17, as a precautionary measure, the Public Prosecution Service disconnected all internal systems after receiving signals from the National Cyber Security Center about Citrix vulnerabilities. This was a drastic decision with enormous consequences for its own work and the entire criminal justice chain. The Public Prosecution Service scanned all systems offline to investigate the full extent of the abuse.
Careful coordination with chain partners
The restart is being carefully coordinated with partners in the criminal justice chain, such as the judiciary, the police, the CJIB, and the NFI. This prevents disruptions to their systems and processes. The legal profession and Victim Support Netherlands are also being kept informed of further steps.
“It will take some time before all systems are functioning as before. It is difficult to estimate exactly how long this will take at this stage,” said Rinus Otte, chairman of the Board of Procurators General. The aim remains to minimize the impact on victims, suspects, and convicted persons.
In recent weeks, many employees of the Public Prosecution Service, chain partners, and other parties involved have asked questions. Without their dedication, goodwill, and patience, it would not have been possible to get so much work done under such challenging circumstances. The criminal investigation led by the National Public Prosecutor’s Office is still ongoing.