The Dutch Ministry of Finance has taken some systems offline, including its digital treasury banking portal, while it investigates a cyberattack detected two weeks ago. The outage affects about 1,600 public institutions that use the portal to manage treasury accounts.
KEY FACTS
- Incident A breach was detected on March 19 and systems were shut down for security reasons on March 23.
- Impact About 1,600 public institutions cannot view their treasury balances online.
- Functions affected Users cannot apply for loans, deposits or credit, change intraday limits or generate reports.
- Payments Incoming and outgoing payments continue through regular banking channels.
- Response The case is being investigated with the Dutch National Cyber Security Center and external forensic experts.
In last week’s disclosure, the ministry said the March 19 breach did not affect systems used for tax collection, income-linked subsidies, or import and export rules for citizens and businesses. It did not say how many employees were affected or whether data was stolen.
In a statement to the Dutch House of Representatives on Monday, Finance Minister Eelco Heinen said the ministry had taken several systems offline, including the treasury banking portal. He said participants still have full access to their funds and that minimum service levels will be maintained manually where needed.
The disclosure also said the ministry has notified the Dutch Data Protection Authority and filed a report with the national police’s High Tech Crime Team. No threat group has claimed responsibility, and the ministry has not given a timeline for restoring full service.
Other Dutch institutions have faced similar incidents in recent months, including a breach at the National Police Corps in 2024. Authorities also arrested a man in February in a separate case tied to confidential police documents.
WHY IT MATTERS
The outage shows how a security incident at a finance ministry can disrupt access to banking tools used by public institutions, even when core payment flows remain available. The case also adds to a series of recent cyber incidents affecting Dutch government bodies.