Definition:

Hackers break into the back-end of a Dutch government organization and steal, publish or destroy confidential information. And the incident will be published on the security.nl (or nos.nl news site, or similar).

Counts as breach:

The datacenter, cloud service or "back end" of the government organization must be compromised:

Administrator error, like not applying patches, and then getting hacked

Hacking endpoint devices of a government employee and using this to compromise the back-end

Government employee loses a USB stick with passwords that provide access

Government employee makes an error that makes a hack of the back end possible (like: leaving admin dashboard open on the internet)

Getting phished and giving a hacker access to an internal share

Social engineering

Insider threat

Does not count as breach:

DDos or cable cuts

Hacking devices of a government employee and stealing the data from this endpoint device

Personal errors of a government employee, like losing a USB stick with data

Administrator error that does not need hacking, like leaving an Amazon bucket open

Privacy non-compliance cases

What counts as government:

National, provincial and municipal organisations

In Dutch jargon: Ministeries, ZBO's, agentschappen, waterschappen, provincies, gemeenten.

Does not count as government:

Hospitals, schools and universities.

Examples:

See the comments in previous version of this prediction:

Will there be a cyberbreach of a Dutch government organization in 2023? | Manifold

Resolution date:

There may be some lag time between discovery and publication. So, if no hack is published by 31 January 2026 everything will resolve to NO. Later publications of 2025 breaches will be ignored.