
September 04, 2025
Population Screening Data Breach 2025 – Unmasked
The recent data breach at the population screening for cervical cancer shocked the Netherlands. At laboratory Clinical Diagnostics NMDL, the data of at least 715,000 women was stolen, possibly rising to 941,000. This involved extremely sensitive data such as BSNs, examination results and GP data. This incident highlights not only the enormous impact of cyber attacks in the healthcare sector, but also the need for strict compliance with standards such as NEN 7510 and NEN 7513.
At ALTA-ICT, we see daily how Dutch healthcare institutions and SME organizations struggle with information security. This data breach shows that merely complying with basic guidelines is not enough; ongoing audits, monitoring and crisis management are essential.
What happened?
- Hacker group Nova managed to gain access to the laboratory system and set a ransom ultimatum.
- Some of the stolen data has already appeared online.
- More than 405,000 women received identity fraud warning letters.
- Investigations by OM, IGJ and AP are ongoing, and legal claims are being pursued on behalf of victims.
Key lessons for Dutch organizations
- Structural risk assessments
  ISO/NEN-certified audits should take place at least annually – including penetration testing and organizational controls.
- Strict access control and segmentation
  Make sure only necessary employees have access. Split systems so that a hack does not expose everything.
- Logging and monitoring
  Full NEN 7513 logging with visibility into who accesses or modifies what data, when. Monitoring drastically reduces incident detection time.
- Incident response and communication
  Notification must be made to the AP within 72 hours, but also clear communication to data subjects: transparent, timely and supportive.
- Awareness and training
  Employees remain the weakest link. Structural awareness programs are crucial against phishing and social engineering.
The ALTA-ICT approach
At ALTA-ICT, we combine technical expertise with organizational assurance. Our healthcare and SME clients benefit from:
✅ ISO27001, ISO9001 and NEN7510-certified approach
✅ >50% faster detection time of incidents thanks to 24/7 monitoring
✅ 99.9% uptime guarantee via Dutch data centers
✅ Clear communication towards regulators and clients
Frequently Asked Questions
How big is the data breach?
At least 715,000 victims, possibly rising to 941,000.
What data was stolen?
Names, addresses, dates of birth, BSN, examination results and, in some cases, GP records.
What can those involved do?
Stay alert for phishing, activate fraud alerts at BKR, and explore legal options.
Does NEN 7510 help against these kinds of hacks?
Yes, if fully implemented and supported by independent audits, extensive logging and careful risk management. Only then does NEN 7510 offer real protection against data breaches.
📌 Join the collective claim: https://claimbevolkingsonderzoek.nl/
☎️ 015 – 799 7904
Conclusion
This incident proves how vulnerable even essential healthcare processes are without robust security. Compliance with NEN standards is only the beginning – true protection only comes with an integrated approach of technology, policy and human behavior.
Want to know how ALTA-ICT protects your organization against data breaches? Book a free NEN 7510 quick scan via alta-ict.nl/appointmentdate or contact us directly for a no-obligation consultation.