• Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
MUST READ

Taking over millions of developers exploiting an Open VSX Registry flaw

 | 

OneClik APT campaign targets energy sector with stealthy backdoors

 | 

APT42 impersonates cyber professionals to phish Israeli academics and journalists

 | 

Kai West, aka IntelBroker, indicted for cyberattacks causing $25M in damages

 | 

Cisco fixed critical ISE flaws allowing Root-level remote code execution

 | 

U.S. CISA adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog

 | 

CitrixBleed 2: The nightmare that echoes the 'CitrixBleed' flaw in Citrix NetScaler devices

 | 

Hackers deploy fake SonicWall VPN App to steal corporate credentials

 | 

Mainline Health Systems data breach impacted over 100,000 individuals

 | 

Disrupting the operations of cryptocurrency mining botnets

 | 

Prometei botnet activity has surged since March 2025

 | 

The U.S. House banned WhatsApp on government devices due to security concerns

 | 

Russia-linked APT28 use Signal chats to target Ukraine official with malware

 | 

China-linked APT Salt Typhoon targets Canadian Telecom companies

 | 

U.S. warns of incoming cyber threats following Iran airstrikes

 | 

McLaren Health Care data breach impacted over 743,000 people

 | 

American steel giant Nucor confirms data breach in May attack

 | 

The financial impact of Marks & Spencer and Co-op cyberattacks could reach £440M

 | 

Iran-Linked Threat Actors Cyber Fattah Leak Visitors and Athletes' Data from Saudi Games

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 50

 | 
  • Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
  • Home
  • Breaking News
  • Cyber Crime
  • Hacking
  • Malware
  • Dutch Police arrests 3 men involved in a massive extortion scheme. One of them is an ethical hacker

Dutch Police arrests 3 men involved in a massive extortion scheme. One of them is an ethical hacker

Pierluigi Paganini February 27, 2023

The Dutch police arrested three individuals as a result of an investigation into computer trespass, data theft, extortion, extortion, and money laundering.

The Dutch police announced the arrest of three men as the result of an extensive investigation into computer trespass, data theft, extortion, extortion, and money laundering

The suspects were arrested by the Amsterdam police arrested on January 23, 2023.

A prime suspect is a 21-year-old man from Zandvoort, the other two men arrested are a 21-year-old man from Rotterdam and an 18-year-old man of no fixed abode. 

The Dutch police started the investigation in March 2021 following a complaint of data theft and threats from a large Dutch company. The investigation revealed that probably thousands of national and international small and large organizations were hacked by the suspects that also attempted to extort money from the victims. It has been estimated that crooks have stolen the sensitive data of millions of individuals.

“During the course of the investigation, it has become clear that probably thousands of small and large companies and institutions, both national and international, have fallen victim to computer intrusion (hacking) in recent years and subsequently theft and handling of data. Tens of millions of privacy-sensitive personal data have fallen into the hands of criminals as a result of this theft and trade.” reads the press release published by the Dutch Police.

Dutch Police DDoS

Compromised data include names, addresses, telephone numbers, dates of birth, bank account numbers, credit cards, passwords, license plates, citizen service numbers or passport data. 

The huge trove of data stolen by cybercriminals can be used by threat actors to conduct a broad range of illegal activities, from identity theft to financial scams.

The group demanded a Bitcoin payment from the affected companies and threatened to publish the stolen information online or destroy their infrastructure. The ransom demanded from the victims ranged between €100,000 and €700,000. The bad news is that the gang ended up selling the stolen data despite the victims have paid the ransom.

“The impact for the affected companies is enormous. This not only concerns financial damage, but also damage to the image and all the extra efforts to restore systems. Even companies that have their security in order can be affected by these types of facts.” concludes the report. “On top of that there are the consequences for the people at these companies on a personal level. They feel responsible for something that often happened through no fault of their own.” 

The worst aspect of this story is that one of the three men reportedly works as an “ethical hacker” for Dutch security organization DIVD, or Dutch Institute for Vulnerability Disclosure. The Dutch Institute for Vulnerability Disclosure (DIVD) foundation is a foundation established in 2019 with the aim of making the digital world safer by conducting research into vulnerabilities in information systems, reporting vulnerabilities found to those involved and offering assistance in resolving them.

“One of the men arrested had access to all kinds of sensitive information because he worked on confidential cybercrime investigations as a DIVD researcher, according to Dutch public broadcasting company NOS.” reported The Register. “You don’t just get access to information at DIVD, so he played it very cleverly,” the anonymous source told NOS. “You only get access to information if you really cooperate with an investigation.”

“A DIVD spokesperson told the broadcaster that the organization had “no indications” the suspect had abused his access to personal data. “We are just as shocked as everyone else,” a DIVD spokesperson said.”

At the end of November 2022, the Amsterdam police arrested a 25-year-old man from Almere who is suspected of having stolen or traded the personal data of tens of millions of people around the world.

The investigation into the activity of the man was launched by the Austrian Federal Criminal Investigation Service which spotted the man offering a dataset on a cybercrime forum in May 2020.

The man was offering a dataset containing millions of addresses and personal data from the Geburen Info Service GmbH (GIS), which maintains an archive of broadcasting reception equipment (TV, radio etc.) in the country and collects the viewing and listening fees from the citizens.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, cybercrime)


facebook linkedin twitter

Cybercrime Dutch Police extortion Hacking hacking news information security news IT Information Security malware Pierluigi Paganini ransomware Security Affairs Security News

you might also like

Pierluigi Paganini June 27, 2025
Taking over millions of developers exploiting an Open VSX Registry flaw
Read more
Pierluigi Paganini June 27, 2025
OneClik APT campaign targets energy sector with stealthy backdoors
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

    recent articles

    Taking over millions of developers exploiting an Open VSX Registry flaw

    Hacking / June 27, 2025

    OneClik APT campaign targets energy sector with stealthy backdoors

    Hacking / June 27, 2025

    APT42 impersonates cyber professionals to phish Israeli academics and journalists

    APT / June 27, 2025

    Kai West, aka IntelBroker, indicted for cyberattacks causing $25M in damages

    Cyber Crime / June 26, 2025

    Cisco fixed critical ISE flaws allowing Root-level remote code execution

    Security / June 26, 2025

    To contact me write an email to:

    Pierluigi Paganini :
    pierluigi.paganini@securityaffairs.co

    LEARN MORE

    QUICK LINKS

    • Home
    • Cyber Crime
    • Cyber warfare
    • APT
    • Data Breach
    • Deep Web
    • Digital ID
    • Hacking
    • Hacktivism
    • Intelligence
    • Internet of Things
    • Laws and regulations
    • Malware
    • Mobile
    • Reports
    • Security
    • Social Networks
    • Terrorism
    • ICS-SCADA
    • POLICIES
    • Contact me

    Copyright@securityaffairs 2024

    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
    Cookie SettingsAccept All
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities...
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
    Non-necessary
    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
    SAVE & ACCEPT