{
	"id": "d744d3f2-919a-4942-931a-e011c93ad523",
	"created_at": "2026-04-06T03:35:38.198693Z",
	"updated_at": "2026-04-10T13:12:39.390665Z",
	"deleted_at": null,
	"sha1_hash": "042c805ef838efc8f7e4d8810f776a603d8a6d7d",
	"title": "Ransomware gang targets Belgian municipality, hits police instead",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 2100050,
	"plain_text": "Ransomware gang targets Belgian municipality, hits police instead\r\nBy Bill Toulas\r\nPublished: 2022-11-26 · Archived: 2026-04-06 03:26:45 UTC\r\nThe Ragnar Locker ransomware gang has published stolen data from what they thought was the municipality of\r\nZwijndrecht, but turned out to be stolen from Zwijndrecht police, a local police unit in Antwerp, Belgium.\r\nThe leaked data reportedly exposed thousands of car number plates, fines, crime report files, personnel details, investigation\r\nreports, and more.\r\nhttps://www.bleepingcomputer.com/news/security/ransomware-gang-targets-belgian-municipality-hits-police-instead/\r\nPage 1 of 5\n\nRagnar Locker listing the wrong victim (BleepingComputer)\r\nThis type of data can potentially expose people who reported crimes or abuse and could compromise ongoing law\r\nenforcement operations and investigations.\r\nhttps://www.bleepingcomputer.com/news/security/ransomware-gang-targets-belgian-municipality-hits-police-instead/\r\nPage 2 of 5\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/ransomware-gang-targets-belgian-municipality-hits-police-instead/\r\nPage 3 of 5\n\nVisit Advertiser websiteGO TO PAGE\r\nBelgian media outlets call this data leak one of the biggest of this kind that has impacted a public service in the country,\r\nexposing all data kept by Zwijndrecht police from 2006 until September 2022.\r\nPolice confirm attack\r\nZwijndrecht police responded to the local media coverage via a post on Facebook, downplaying the impact of the incident\r\nand saying that the hackers only accessed a part of the network where the police held administrative data.\r\nThe police say that the threat actors could only access data on the administrative network, therefore primarily affecting\r\npersonnel.\r\nZwijndrecht police statement on Facebook\r\nChief of police at Zwijndrecht, Marc Snels, told the VRT news network that the data leak resulted from human error, and\r\nthey are now contacting all exposed individuals to inform them about the incident.\r\n\"It is not the case that all data has been leaked. This network mainly contains personal information from our staff, such as\r\npersonnel lists and photos from personnel parties,\" commented Snels to local media.\r\n\"But it is true that there is sometimes sensitive information on that network, even though we always try to put it only on the\r\nprofessional network. Those are human errors. For example, fines and PVs have also been leaked. Also, photos of child\r\nabuse. That is very painful, of course.\" - Chief of Zwijndrecht Police.\r\nWider impact than claimed\r\nAlthough this incident has not impacted the national police network in Belgium, the breach on the local Zwijndrecht\r\nnetwork is still significant for thousands of people.\r\nBelgian journalist Kenneth Dée broke the news of the attack on Het Laatste Nieuws, sharing that the threat actors allegedly\r\nattacked a poorly protected Citrix endpoint to breach the police's network.\r\nDée's investigation of the data revealed telecom service subscriber metadata and SMS of people under covert police\r\ninvestigation.\r\nMoreover, the leaked files contain footage from traffic cameras, exposing the whereabouts of individuals at specific dates\r\nand times.\r\n\"This is the largest law-enforcement leak in the history of Belgium and probably the most impactful leak we have ever seen\r\nin our country,\" Dée told Bleeping Computer.\r\n\"It should be a wakeup call for local police and the way they handle citizens' data, and hopefully, it will set things in motion\r\ntowards changes on that front.\"\r\nhttps://www.bleepingcomputer.com/news/security/ransomware-gang-targets-belgian-municipality-hits-police-instead/\r\nPage 4 of 5\n\nThe country's data protection office has not yet announced an investigation on the case, but the prosecutor opened a criminal\r\nproceeding that focuses on the hacking incident itself.\r\nBelgian lawyer and privacy activist Matthias Dobbelaere-Welvaert told BleepingComputer that exposed individuals should\r\nchange everything they can, including license plates, identity cards, passports, etc.\r\n\"You can't easily change where you live, but even if you change all documents, the repercussions of this security incident\r\ncould be for a lifetime, and theft identity is no joke,\" says Dobbelaere-Welvaert.\r\n\"It’s my opinion that as long as not all police network systems are adequately protected, no smart camera should be allowed\r\nto turn on.\"\r\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/ransomware-gang-targets-belgian-municipality-hits-police-instead/\r\nhttps://www.bleepingcomputer.com/news/security/ransomware-gang-targets-belgian-municipality-hits-police-instead/\r\nPage 5 of 5",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://www.bleepingcomputer.com/news/security/ransomware-gang-targets-belgian-municipality-hits-police-instead/"
	],
	"report_names": [
		"ransomware-gang-targets-belgian-municipality-hits-police-instead"
	],
	"threat_actors": [],
	"ts_created_at": 1775446538,
	"ts_updated_at": 1775826759,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/042c805ef838efc8f7e4d8810f776a603d8a6d7d.pdf",
		"text": "https://archive.orkl.eu/042c805ef838efc8f7e4d8810f776a603d8a6d7d.txt",
		"img": "https://archive.orkl.eu/042c805ef838efc8f7e4d8810f776a603d8a6d7d.jpg"
	}
}