Background:

The Dutch government has published a cloud policy in 2022 that allows public cloud use, even for sensitive information. Use of public cloud will probably grow further in 2024.

The prediction:

Will there be a cyber incident / breach with a public cloud service used by the Dutch government in 2024?

Resolution:

Resolved if it is published on one or more news sites like: nos.nl, nu.nl or security.nl, or similar

Edge cases will be discussed before resolution

What counts:

Compromise, data-theft, data-loss, ransomware etc.

DDos or cable cuts, loss of service

Incident with hyperscaler public cloud service like M365, Azure, AWS or Google.

Incident with cloud reseller, selling hyperscaler services

Incident with service based upon public cloud, like Zivver

Incident with a private government cloud, like ODC-Noord

Incident caused by cloud vulnerability, admin error, misconfiguration and user error

Does not count as breach:

Hacking devices of a government employee and stealing the data from this endpoint device

Personal errors of a government employee, like losing a USB stick

Privacy non-compliance cases

What counts as government:

National, provincial and municipal organisations

In Dutch jargon: ZBO's, agentschappen, waterschappen, provincies, gemeenten.

Does not count as government:

Hospitals, schools and universities.

Examples:

See the comments in previous version of this prediction:

Will there be a cyberbreach of a Dutch government organization in 2023? | Manifold

Resolution date:

There may be some lag time between discovery and publication. So, if no hack is published by 31 January 2025 this will resolve to NO. Later publications of 2024 breaches will be ignored.