Theregister
Dutch Data Protection Authority Breached in Ivanti Zero-Day Exploitation
First seen 9 Feb 2026, 20:21 UTC
•

•90% similarity
•66.4
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
The Dutch Data Protection Authority (AP) confirmed it was compromised during a wave of attacks exploiting Ivanti vulnerabilities. The attack, which occurred on January 29, involved the Ivanti Endpoint Manager Mobile (EPMM) bugs, leading to a data breach affecting AP employees. This incident was part of a broader exploitation of zero-day vulnerabilities in Ivanti products.
ThreatCluster AI
Timeline
2026-01-29
Attack on Dutch Data Protection Authority occurred
2026-01-29
CVE-2026-1340 published
2026-01-29
CVE-2026-1281 published and added to CISA KEV
2026-02-01
First public PoC for CVE-2026-1281 released
2026-02-09
AP confirms breach in letter to Dutch parliament