Dutch intel blames “unknown Russian hackers” for cyberattacks on state and private institutions

The Netherlands’ intelligence services have accused an unidentified hacker group allegedly linked to Russia of conducting a series of cyberattacks targeting both governmental and commercial institutions across the country.

According to a joint report published by the Dutch General Intelligence and Security Service (AIVD) and the Military Intelligence and Security Service (MIVD), the group, referred to as Laundry Bear, has been actively engaged in espionage-oriented cyber operations since 2024, Caliber.Az reports, citing Russian media.

These operations, the report states, are aimed at countries within the European Union and NATO, with a particular focus on gathering intelligence related to weapons deliveries to Ukraine.

The Dutch intelligence agencies allege that the hackers targeted law enforcement bodies, defence contractors, and high-tech firms. In one of the incidents highlighted in the report, an attack carried out in the autumn of 2024 reportedly led to the theft of work-related contact information belonging to Dutch police personnel.

The MIVD noted that the group’s main objective appears to be obtaining sensitive data on the procurement and deployment of military equipment by Western countries. However, the Dutch authorities have not made public any technical evidence linking the cyber operations to the Russian state or its intelligence services. Instead, their conclusions are based on assessments and intelligence analysis.

The breach of the Dutch police database first came to light on September 27, 2024. Initial statements revealed that the cyberattack had resulted in the theft of names, professional email addresses, and phone numbers of nearly all 65,000 members of the national police force. Later reports indicated that in some cases, personal data had also been compromised.

By Tamilla Hasanova