Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Dutch Research Council (NWO) Confirms Ransomware Attack, Data Leak

Dutch Research Council (NWO) Confirms Ransomware Attack, Data Leak

The recent cyberattack that forced the Dutch Research Council (NWO) to take its servers offline and suspend grant allocation processes was caused by the DoppelPaymer ransomware gang.

The hackers gained access to NWO’s network on February 8 and stole internal documents, threatening with leaking them unless the organization paid a ransom.

No dime for DoppelPaymer

Since NWO does not cooperate with cybercriminals, DoppelPaymer published proof of the stolen internal data on their leak site. This tactic is typical to ransomware gangs and the purpose is to pressure victims into paying the ransom.

NWO is the main body that funds researchers at universities and institutes in the Netherlands, making annual investments of up to one billion euros.

The organization announced on February 14 that its network had been hacked, without providing details regarding the incident, only about the impact it has on its activity.

Also Read: Trusted Data Sharing Framework IMDA Announced In Singapore

On Wednesday, the DoppelPaymer ransomware gang leaked a dozen files stolen from NWO’s servers to show that they have a larger cache and are still open to negotiations.

[Although the ransomware gang call themselves Dopple, the media refers to this actor as Doppel because of the extension “doppeled” they append to the encrypted files on a victim’s system]

In an update on the incident yesterday, the organization says that the hackers have internal NWO documents from the past years that include details about its employees. This does not change its decision not to pay the hackers.

Network restoration

NWO is currently working on restoring the network, which indicates that systems have been encrypted, typical to most ransomware actors. Operations are expected to resume in a few weeks.

FAQ from the organization informs that the cyberattack impacted network disks with data processed by NWO, the NWO-I office, the National Governing Body for Practice-oriented Research SIA, and the Netherlands Initiative for Education Research (NRO).

Other organizations using the same network servers are the NRO Steering Body, SIA Steering Body, TKI-HTSM, TKI Chemie, European Polar Board, and the LNVH were affected.

The UK Research and Innovation (UKRI) agency, which has the same mission as NWO, has also been hit by a ransomware attack in January that encrypted data and affected some of its services.

Also Read: Data Protection Authority GDPR: Everything You Need To Know

While NWO still has some work to do to restore services and operations, UKRI announced that it restored services provided by its UK Research Office (UKRO) based in Brussels. Users will have to reset their passwords at login.



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us