Due to a data leak at the Chamber of Commerce (CoC), the personal data of some 1,800 people are out in the open. Among other things, the private addresses of MPs from D66, GroenLinks and BIJ1 became known as a result. The same applies to the data of political parties, their youth associations and politically activist organizations. The Chamber of Commerce is now taking accelerated additional measures. The Chamber of Commerce writes this in a press release on its website.
According to the Chamber of Commerce, a former lawyer requested historical information of various Chamber members and organizations from the Trade Register. This includes private addresses of board members and officials. These may not be removed from the Trade Register. On the other hand, these addresses are not public and can only be requested by a limited number of agencies and professional groups. These include lawyers, notaries and bailiffs.
The former lawyer had himself disbarred early this year. Thus, he was no longer allowed to request the addresses. However, he had neglected to have his authorization revoked. Thus it happened that in June the man could still consult the Trade Register. Why he did so is unknown. The Chamber of Commerce emphasizes that authorization holders themselves are responsible for having their authorization revoked.
According to RTL News, the private addresses of some 1,800 people have been leaked. These include the addresses of MPs From D66, GroenLinks and BIJ1. Data were also captured from youth associations of political parties such as DWARS (GroenLinks). The data of the Landelijke Studentenvakbond (LSVb), Farmers Defense Forse and an action group against the corona measures were also leaked.
"D66 has warned time and again that the Chamber of Commerce needs to handle more carefully the data of people who are at extra risk of intimidation or threat," Lisa van Ginneken told RTL News. Together with Sylvana Simons (BIJ1), she is going to submit written questions on the issue to outgoing State Secretary for Economic Affairs and Climate Mona Keijzer.
Simons wants zzp'ers to be allowed the same protection as MPs and board members. "BIJ1 wants a closed register where only people with a specific function or reason are given the authority to request this data," Simons explained.
Following the data breach, the Chamber of Commerce contacted the Dutch Bar Association. This revealed that there were more former lawyers who were still authorized to request non-public data. The Chamber of Commerce still revoked this authorization from 164 people. The organization notes that 92 former employees have used their authorization to request data in recent months. "We are investigating whether this poses a risk to those involved and will then take any follow-up steps," the Chamber of Commerce said.
To prevent recurrence in the future, the Chamber of Commerce is taking accelerated additional measures. In the coming period, it will review the authorizations of other authorized professional groups. The Chamber will also perform periodic checks to see whether lawyers, notaries and bailiffs are authorized to view non-public data from the Trade Register. A spokesman for the organization calls it "wrong" that there is currently no automatic check.
The former lawyer responsible for the data breach confirms in writing to the Chamber of Commerce that he has destroyed the non-public data. As far as is known, he did not make any copies of the data. Through a letter, those affected were informed of the data breach. The leak was also reported to the Autoriteit Persoonsgegevens. A spokesperson for the police confirmed to RTL News that they had been informed of the incident.
