The Dutch Ministry of Finance is keeping the “Mijn Schatkist” (My Treasury) self-service portal offline for the time being following a cyber incident. As a result, 1,600 institutions are unable to view their balances or generate reports. It is unknown when the system will be restored. Services provided by the Tax and Customs Administration and the Benefits Agency have not been affected.
The treasury banking portal remains offline for the time being after unauthorized access to the systems was detected. Finance Minister Eelco Heinen briefed the House of Representatives on the situation. Systems have been taken offline for investigation and due to heightened security measures.
It was then reported that intruders had gained access to systems supporting core processes at the ministry. Exactly what those systems contained or how deeply the intruders were able to infiltrate the system was not yet known at that time. The minister has not yet released any updates on this matter. The unauthorized access to the systems was detected on Thursday, March 19; the systems were taken offline on March 23.
Who is affected?
Local governments, courts, and affiliated schools manage their funds with the national treasury through the Mijn Schatkist portal. Participating agencies still have full access to their funds, Heinen notes. Incoming and outgoing payments are proceeding as usual through regular banking channels. Where necessary, minimal services are being maintained manually.
Heinen also stated that work is proceeding at full speed: “You can rest assured that everyone involved is working day and night to resolve this incident.” However, he could not say how long that would take.
Services provided by the Tax and Customs Administration and the Benefits Agency will continue as usual, as these organizations are not affected by the incident. Citizens can therefore file their tax returns as usual, and benefits will be paid out on time.
Part of a broader series of incidents
The incident at this ministry is not an isolated case. Last month, the Judicial Institutions Service dealt with a serious cyber incident in which attackers had access to internal systems for months. The Judicial ICT Organization was even hacked twice, partly due to a configuration error in internal firewalls. And in April 2025, a major data breach affected several Dutch ministries, including the Ministries of the Interior and Economic Affairs. Recently, the municipality of Epe also fell victim to a cyberattack.