top of page
Search

Dutch Agencies Targeted by Ivanti Zero-Day Vulnerability, Exposing Employee Data

  • Feb 10
  • 2 min read

Key Findings


  • Dutch Data Protection Authority (AP) and Council for the Judiciary (Rvdr) confirmed cyber attacks exploiting Ivanti Endpoint Manager Mobile (EPMM) vulnerabilities

  • Attacks exposed employee contact information, including names, work emails, and phone numbers

  • European Commission also detected a cyberattack on its mobile device management platform, exposing some staff names and phone numbers

  • Ivanti acknowledged vulnerabilities (CVE-2026-1281 and CVE-2026-1340) have been exploited as zero-days


Background


Ivanti EPMM is a system used for managing mobile devices, apps, and security. On January 29, 2026, the National Cyber Security Centre (NCSC) in the Netherlands was informed by the vendor about vulnerabilities in EPMM.


Dutch Agencies Impacted


  • The Dutch Data Protection Authority (AP) and the Council for the Judiciary (Rvdr) have been affected by the attacks

  • Unauthorized parties accessed work-related data of AP employees, including names, business email addresses, and phone numbers

  • Measures were taken immediately, and affected employees were informed


European Commission Breach


  • On January 30, 2026, the European Commission detected a cyberattack on its mobile device management system

  • The attack may have resulted in access to staff names and mobile numbers, but no devices were compromised

  • The Commission contained and cleaned the system within 9 hours, and continues to monitor security and review the incident


Vendor Acknowledgement


  • Ivanti has acknowledged the vulnerabilities (CVE-2026-1281 and CVE-2026-1340) have been exploited as zero-days

  • The vendor said a "very limited number of customers" were exploited, but has not provided an updated victim count

  • The attacker is said to have gained access to information used in operating the service, including names, work email addresses, phone numbers, and device details


Implications


  • Stolen data could enable targeted vishing and phishing attacks, as well as reconnaissance for spear phishing or physical targeting of key personnel

  • GDPR violations and reputational damage could undermine the Union's cyber credibility

  • Attackers are targeting trusted, deeply embedded enterprise systems, and resilience is crucial in addition to prevention


Sources


  • https://securityaffairs.com/187806/security/dutch-agencies-hit-by-ivanti-epmm-exploit-exposing-employee-contact-data.html

  • https://thehackernews.com/2026/02/dutch-authorities-confirm-ivanti-zero.html

Recent Posts

See All
Defeating AI with AI

Key Findings Generative AI and agentic AI are increasingly used by threat actors to conduct faster and more targeted attacks. One capability that AI improves for threat actors is the ability to profil

 
 
 

Comments

  • Youtube

© 2025 by Explain IT Again. Powered and secured by Wix

bottom of page