Dutch Data Protection Authority (Autoriteit Persoonsgegevens, AP) and the Council for Justice
February 1, 2026
•[ vulnerability, data leak, employee personal information ]
Dutch media reporting summarized by DataBreaches stated that a vulnerability in Ivanti Endpoint Manager Mobile (EPMM), used by government agencies, allowed unauthorized third parties to access employee personal information at multiple Dutch agencies, including the Dutch Data Protection Authority and the Council for Justice. The exposed information was described as employee names, email addresses, and phone numbers; the number of affected employees was still under investigation at the time of reporting.
