Here’s your weekly #databreach news roundup:
Dutch National Police, European Commission, AFC Ajax, Crunchyroll, and Infinite Campus.
Dutch National Police
The Dutch National Police (Politie) reported that a recent phishing attack caused a security breach, but its impact appears to be limited and no citizens’ data or sensitive investigation information was accessed. The attack was quickly detected and stopped by their security team, and an investigation is still ongoing to understand exactly what happened and whether any employee data was affected. Authorities have not yet shared details about when the attack occurred or which systems were involved. This incident comes after a previous cyberattack in 2024 where officers’ contact details were stolen, prompting the police to strengthen security measures like increased monitoring and more frequent two-factor authentication. Meanwhile, Dutch authorities also recently arrested a man linked to an extortion attempt involving mistakenly shared police documents.
European Commission
The European Commission is investigating a security breach where a hacker gained access to one of its Amazon Web Services (AWS) accounts, though AWS itself was not compromised. The attack was detected quickly, and an internal cybersecurity team is now looking into it. The hacker claims to have stolen over 350 GB of data, including databases and employee-related information, and may leak it online, though they say they won’t use it for extortion. The Commission has not yet confirmed these details publicly. This follows another recent breach involving hacked device management software used by EU staff, part of a wider wave of cyberattacks on European institutions exploiting software vulnerabilities. These incidents come amid growing concerns over cyber threats, as the EU pushes for stronger cybersecurity laws and has recently taken action against companies linked to attacks on critical infrastructure.
AFC Ajax
AFC Ajax revealed that a hacker exploited weaknesses in its IT systems, gaining access to limited personal data, mainly email addresses of a few hundred people and more detailed information for fewer than 20 individuals with stadium bans. The issue was first uncovered by journalists who were tipped off and demonstrated that the flaws could also allow ticket transfers and changes to stadium bans, potentially affecting thousands of accounts. The club has since fixed the vulnerabilities, brought in external experts to investigate, and informed authorities, stating that the data has not been leaked. While the hacker appears not to have misused the access, fans are advised to stay alert for suspicious messages, especially those pretending to be from the club.
Crunchyroll
Crunchyroll is investigating a possible data breach after hackers claimed they stole information from about 6.8 million users. The company says the issue likely involves customer support ticket data accessed through a third-party vendor, not its core systems, and there’s no evidence of ongoing access. The attackers allegedly got in by compromising a support agent’s login (linked to an outsourcing company) using malware, which gave them access to multiple internal tools and millions of support records containing user details like names, emails, IP addresses, and messages. Some payment details may have been exposed, but mostly only if users had shared them in support tickets. The hackers reportedly demanded $5 million but got no response. This case highlights how outsourcing companies can become weak points, as attackers increasingly target support staff to gain access to large amounts of sensitive data.
Infinite Campus
Infinite Campus reported a data breach after hackers accessed an employee’s Salesforce account and attempted to extort the company, likely linked to the ShinyHunters group. The exposed data mainly includes names and contact details of school staff, most of which is already publicly available, and the company says no student databases or sensitive student data were accessed. Infinite Campus refused to negotiate with the attackers and is now investigating, scanning affected systems, and notifying impacted school districts while also tightening security measures. The incident highlights a growing trend of attackers targeting Salesforce accounts, though the overall impact here appears limited compared to larger past education-sector breaches.
