Cancer screening hack far bigger than thought, agency says

The scale of a data theft from a Dutch national screening program laboratory is far greater than initially reported, research agency Population Research Netherlands said on Friday.

Hackers may have accessed the personal and medical details of all 941,000 women who have taken part in the cervical cancer screening program since 2017, the agency said in a website statement.

The organization first said that data from 485,000 participants had been stolen, but has now confirmed that at least 715,000 women have been affected. Because it cannot rule out that the entire database was compromised, every woman who has taken part in the program since 2017 will receive a letter in the coming weeks.

As well as personal details, the stolen files contained medical information, some of which has already been published on the dark web.

RTL Nieuws reported that the names, home addresses and BSN numbers of a minister and an MP were among the leaked data, along with details of the tests they underwent.

“We realize this is a very distressing message for participants in the cervical cancer screening program,” Population Research Netherlands said in a statement. “We are communicating this now because participants must be alert to phishing and fraud.”

The public prosecution service and police have launched a criminal investigation into the theft to establish who was behind the hack. Tens of thousands of women have also signed up for mass claims in response to the breach.