September 07, 2025

Data breach at Clinical Diagnostics – Wake-up call for Dutch healthcare system

A serious cyber-attack on the Clinical Diagnostics laboratory (part of Eurofins) has led to one of the largest data breaches in Dutch healthcare: sensitive medical data of at least 485,000 women was stolen, ranging from smears taken during the population screening for cervical cancer to other tests ordered by GPs. The leak has since turned out to be much larger than initially known: up to 941,000 women may have been affected, including data from skin, urine and other tests.

This event is a wake-up call for Dutch healthcare: legal frameworks such as the AVG (GDPR) and NEN7510 are not enough when organization-wide security is lacking. At ALTA-ICT, we do not see this as an isolated incident, but as a symptom of a broader problem.

In this blog, we analyze:

  • What happened and why it is so serious

  • How exactly the attack occurred

  • Recent developments surrounding the leak

  • What steps Dutch healthcare institutions should take immediately

  • How ALTA-ICT supports organizations, including measurable ROI and AVG compliance

What happened?

In July 2025, the Rijswijk-based Clinical Diagnostics laboratory fell victim to a ransomware attack by the hacker group Nova. Immediately afterwards, part of the data (about 100 MB) was published on the dark web as proof of the hack. This set contained data of about 53,516 people, including names, BSNs (Dutch citizen service numbers) and medical results.

Following a ransom payment, most likely running into millions of euros, the group reportedly agreed to stop further publication. Yet the threat does not appear to have gone away: Nova stated that the clinic had "violated agreements" and issued another ultimatum, with a countdown clock, for additional demands.

More recently, the hackers have claimed that the data has been deleted and that no further publication will follow. The Dutch Data Protection Authority (Autoriteit Persoonsgegevens, AP) and the Health and Youth Care Inspectorate (IGJ) are now investigating what happened at Clinical Diagnostics.

The incident exposes a harsh reality: even with AVG/NEN7510 compliance on paper, a healthcare facility remains vulnerable when implementation is inadequate, incident management is slow and crisis communication is lacking.

Why is this attack so worrisome?

  1. Privacy Risks & Identity Fraud
    Sensitive medical data combined with BSNs and addresses are a potential gold mine for identity fraud, blackmail and phishing.

  2. Breach of trust and reputational damage
    Such a leak damages trust in population screening programmes and healthcare agencies, with a lasting impact on participation and cooperation.

  3. Compliance and Liability
    Delayed notification (only after a month) violates the AVG requirement to report a breach within 72 hours. This can lead to fines, claims and public outrage.

  4. Ransom payments becoming normalized
    Despite warnings from regulators, organizations keep paying ransoms, making ransomware increasingly profitable.

  5. Structural gaps in cybersecurity
    From password policies to monitoring, incident response and data minimization, inadequate measures lie at the root of incidents like this.

Current status and steps now

  • Size of leak larger than expected: up to 941,000 participants potentially affected.

  • Investigation and communication: Letters will be sent to everyone affected, including women who had already been informed earlier.

  • Oversight and sanctions: The IGJ and AP are investigating Clinical Diagnostics; administrative or legal action may follow.

  • Now what? Healthcare institutions should act immediately:

    • Apply data minimization

    • Deploy real-time monitoring and a 24/7 SOC

    • Implement preventive audits in accordance with NEN7510 and privacy-by-design

    • Prepare crisis communications and incident response

    • Implement awareness programs for healthcare personnel

How ALTA-ICT helps organizations (with measurable ROI)

At ALTA-ICT B.V. we offer:

  • Risk analysis and preventive audits according to NEN7510 and ISO 27001

  • 24/7 detection of and response to suspicious data flows

  • Privacy-by-Design implementation in accordance with AVG, NEN7510 and care-specific guidelines

  • Employee awareness programs, supported by measurable KPIs

  • Proactive approach: not waiting for things to go wrong, but being demonstrably in control

Measurable ROI examples:

  • Preventive audit + patching → 80% less risk of vulnerabilities

  • Awareness training → 60% reduction in phishing incidents

  • SOC monitoring → Detection time reduced from days to under 30 minutes

  • Privacy-by-Design process → Legal peace of mind during inspections

FAQ

What should I do if my data has been leaked?
Stay alert to phishing. Verify any communication yourself and never call back immediately on a suspicious call.

Can a healthcare facility pay a ransom?
Regulators advise against paying. Privacy and reputation are at stake, and payment does not guarantee that the data is deleted.

How much data was stolen?
Nova claims to hold 300 GB of stolen data. Only 100 MB has been published, but up to 941,000 records may be involved.

Is the government investigating this?
Yes: the IGJ and AP are investigating Clinical Diagnostics' information security and breach-reporting practices.

Conclusion

The data breach at Clinical Diagnostics is a harsh wake-up call: even with existing legislation such as the AVG and NEN7510, the healthcare sector is vulnerable because of failures in actual implementation. Organizations in the Netherlands need to take action now, not reactively but proactively, with demonstrable technical and organizational controls.

ALTA-ICT is ready to help: from preventive audits to response, from privacy-by-design to behavior change, always with a focus on measurable ROI.

Contact us for a no-obligation risk audit or consultation. Together, we'll make sure your organization doesn't become the next "wake-up call".
