The number of hacks reported to the Dutch Authority for the Protection of Personal Data (Autoriteit Persoonsgegevens) in which personal data was stolen increased by 30% in 2020 compared to 2019.
In 2020, the Dutch Personal Data Authority received 1,173 reports of data breaches in which hacking, malware or phishing was used to steal personal data.
Criminals mainly target organisations that process a lot of personal data. Criminal hackers are increasingly active on a company's network for a longer period of time in order to map out the company and its system. Subsequently, they steal large amounts of personal data and/or carry out a ransomware attack in which they encrypt essential computer systems and only undo this in exchange for payment.
The theft of personal data, in particular, can cause a great deal of trouble and damage for individuals. Criminals can use personal data for identity fraud and scams. Using the stolen personal data, criminals try to obtain more data or cheat money via phishing.
Incidentally, the number of data breach notifications due to errors without malicious intent has decreased by 3,000 cases compared to 2019 to 24,000 notifications. A large part of the decrease is because collection agencies have improved their working methods and fewer payment reminders ended up with the wrong recipients.