NFIR discovers that Authority Personal Data leaked employee names


An important message regarding security awareness

Security awareness is the extent to which employees are able to prevent and avert information incidents. The awareness and sense of responsibility that employees have in information security is of great importance. Other terms for security awareness are cyber awareness, security awareness, security awareness and information awareness. Processes and techniques are manageable, people a lot more difficult. Our Cyber Awareness services are aimed at making employees aware of the contribution they make to the digital security of your organization. NFIR offers lectures, workshops, hacker demos, phishing mail actions and security awareness (serious) games to increase cyber awareness.

Authority Personal data accidentally leaked names of personnel

The Personal Data Authority accidentally disclosed the names of employees, that uncovered NFIR investigator Mischa van Geelen this week. Among other things paid attention to the leak. The names could be traced back to some 800 documents published by the Personal Data Authority.

After having reported the leak to the organisation and having received confirmation from the Personal Data Authority that the data breach had been resolved, it was decided to now make this report transparent. “It is not our policy to disclose employee names,” says Pauline Gras to For this reason, authors of investigations, legal opinions and reports are never made public.

According to Gras, the Personal Data Authority took action after the leak had been reported: ‘We have in the meantime modified all the pdf’s of which we know that this is happening’. Personnel of the Authority Personal data has been informed of the leak.