The population screening for cervical cancer has been hit by a massive data breach at one of the laboratories involved. Cybercriminals have obtained personal data of over 485,000 participants. The Ministry of Health, Welfare and Sport (VWS) informed the House of Representatives about this through a letter dated Aug. 11, 2025.
The data breach was discovered on July 6 at Clinical Diagnostics NMDL, a subsidiary of Eurofins. This laboratory is responsible for the analysis of smears and self-taking tests for Bevolkingsonderzoek Nederland (BVO NL). The exact extent of the data breach is still unclear, but it is known that personal data and special personal data were captured, including name, address, citizen service number, phone numbers, email addresses and test results.
As an immediate response to the incident, BVO NL, in coordination with the National Institute for Public Health and the Environment (RIVM) and the Ministry of Health, Welfare and Sport, has decided to suspend cooperation with Clinical Diagnostics NMDL effective immediately. This temporary suspension is not expected to jeopardize the continuity of the population study.
VWS Minister Daniëlle Jansen expressed her deep regret about the leak in the letter. She acknowledged participants' concerns and questions and emphasized the impact it can have when personal data falls into the wrong hands.
Measures and Research Are Running Intensive Various measures are underway to mitigate the impact of the hack and understand the extent of the problem:
- A crisis team has been established.
- BVO NL has reported to the Autoriteit Persoonsgegevens and the Health and Youth Inspectorate.
- The RIVM contacted the National Cyber Security Center (NCSC) for assistance.
- An independent investigation has been launched by BVO NL, in coordination with the RIVM, to determine the exact extent and cause of the hack. This investigation will also consider whether the laboratory had taken sufficient measures to prevent or mitigate hacks.
Information and Support for Participants The RIVM and BVO NL will inform affected participants personally via letter mail, expected early next week. Because sending such a large number of letters takes time and will not reach everyone at the same time, the information will also be shared widely through the media and the Parliamentary Letter.
For questions, concerns and comments, BVO NL's customer contact center has been scaled up. Participants can go here by phone, e-mail and social media.
Important Reassurances The minister emphasizes that the data breach has not affected the results of the population screening for cervical cancer. It also reiterates that the continuity of screening is not at risk. The government, BVO NL and the RIVM are jointly committed to minimize the damage of this data breach and to work on structural solutions for the future. As soon as new information becomes available, the Lower House will be further informed.
