The Ministry of Finance has been the target of a hack, but the exact scope is not yet known. We do know, however, that on Thursday, March 19, unauthorized access was detected to systems the ministry describes as primary processes within the policy department. Exactly what those systems contain or how deeply the intruders penetrated has not yet been disclosed.
When the ministry’s security experts detected hackers on the network, an immediate investigation was launched. However, detecting a hacker does not generally mean that the hacker was on the network at that exact moment. Sometimes they remain in systems for weeks, months, or even more than a year. In the first few days after discovery, it is often not yet possible to publicly share any information about such periods. An investigation, however, may provide clarity. The ministry promises to share more information when possible.
Access to the affected systems was blocked on March 23, which has consequences for some employees. However, the ministry assures that services provided to citizens and businesses by the Tax and Customs Administration and the Benefits Agency have not been affected. It remains unclear why access to the systems was not blocked sooner after the hackers were detected.
Series of Incidents at the Dutch Government
Earlier this year, it was revealed that the Judicial Institutions Service had experienced a serious cyber incident, during which attackers had access to internal systems for months. Even more recent reports revealed that the Judicial ICT Organization was hacked twice, partly due to a configuration error that weakened internal firewalls. And in April 2025, several ministries were affected by a major data breach, including the Ministry of the Interior and the Ministry of Economic Affairs.