Dutch agencies hit by Ivanti EPMM exploit exposing employee contact data

Staff Editor 2026-02-10
Dutch agencies hit by Ivanti EPMM exploit exposing employee contact data

Dutch agencies hit by Ivanti EPMM exploit exposing employee contact data

https://securityaffairs.com/187806/security/dutch-agencies-hit-by-ivanti-epmm-exploit-exposing-employee-contact-data.html

Publish Date: 2026-02-10 05:20:00

Source Domain: securityaffairs.com

Dutch agencies hit by Ivanti EPMM exploit exposing employee contact data

Pierluigi Paganini
February 10, 2026

Dutch agencies confirmed attacks exploiting Ivanti EPMM flaws that exposed employee contact data at the data protection authority and courts.

Dutch authorities said cyberattacks hit the Dutch Data Protection Authority and the Council for the Judiciary after hackers exploited newly disclosed flaws in Ivanti Endpoint Manager Mobile (EPMM). The incidents were reported to parliament, and the National Cyber Security Center was alerted on January 29 after the vendor disclosed the vulnerabilities. EPMM manages mobile devices, apps, and security, and the attacks exposed employee contact information.

“State Secretary Rutte (JenV) and State Secretary Van Marum (BZK) informed the House of Representatives about the exploitation of a vulnerability in Ivanti Endpoint Manager Mobile (EPMM) at the Dutch Data Protection Authority (AP) and the Judicial Council (Rvdr). EPMM is a system for managing mobile devices, apps, and content, including their security.” reads the advisory. “On 29 January the National Cyber Security Centre (NCSC) was informed by the supplier of vulnerabilities in EPMM. EPMM is used to manage mobile devices, apps and content, including their security. Based on the information known at this moment, I can report that at least the AP and the Rvdr have been affected. “

Attackers accessed work-related contact details of AP staff, including names, work emails, and phone numbers. Authorities quickly took action, informed affected employees, and reported the incident. The NCSC continues to monitor the issue and assess any wider impact across government systems.

“It is now known that work‑related data of AP employees, such as name, business e‑mail address and telephone number, have been accessed by unauthorised parties.” continues the advisory. “As soon as the…

Source

More Stories

Opal Security Raises Million for AI-Native Identity Governance

Opal Security Raises $23 Million for AI-Native Identity Governance

Staff Editor 2026-06-06
Free Apps Are Quietly Turning Smart TVs Into Web-Scraping Proxies for AI

Free Apps Are Quietly Turning Smart TVs Into Web-Scraping Proxies for AI

Staff Editor 2026-06-06
Franklin Student is a Cyber Security Champ at Bridgewater State

Franklin Student is a Cyber Security Champ at Bridgewater State

Staff Editor 2026-06-06

Terms and Conditions - Privacy Policy