AI fuels massive surge in cyberattacks, Dutch regulator warns
What if AI makes cybercrime unstoppable?

Image by Cybernews.
- The Dutch privacy regulator received nearly 40,000 data breach reports in 2025, up 4.1% from 2024.
- Most breaches involved misdelivered letters, but cyberattack-related breaches rose 58%.
- A ransomware attack on AddComm triggered 5,407 reports, making it the standout incident cited by the authority.
- The AP warned AI is making phishing and scam messages faster, larger-scale and harder to detect.
Key Takeaways by nexos.ai, reviewed by Cybernews staff.
Due to technological advancements in artificial intelligence (AI), it has become increasingly difficult to protect personal information.
“The possibilities and opportunities for society are increasing, but so are the risks. This is because cybercriminals are also taking advantage of new technologies for their attacks and scams,” the Dutch data protection authority (AP) says in a recently published report.
In 2025, the privacy regulator received 39,407 data breach notifications, an increase of 4.1% compared to the year before.
This doesn’t mean that over 39,000 businesses and organizations were hacked. Most data breaches - 25,189 to be exact - originate from letters containing sensitive or personal information that were delivered incorrectly.
One incident stands out above the rest: a ransomware attack on Dutch customer communications company AddComm. Although the attack occurred in May 2024, the data protection authority received 5,407 data breach notifications of the incident last year.
A total of 2,428 data breaches caused by cyberattacks were reported in 2025. That’s an increase of 58% compared to 2024.
Most of these breaches (1,780) were caused by account takeovers. In these kinds of attacks, a hacker gains access to accounts because domains have expired or through phishing. These accounts can then be used to carry out other attacks, such as stealing personal data.
In total, 136 ransomware attacks were reported to the AP, causing at least 283 data breach notifications.
Stay updated with our latest stories and follow us on social media
Be the first to discover new stories, ideas, and updates from our team.
688 data breaches were caused accidentally by organizations themselves, for example, because a worker lost a USB stick containing sensitive information, or an employee accidentally published a document online.
According to the AP, a significant proportion of reported data breaches are attributable to AI.
“Cybercriminals can use AI to create phishing messages aimed at hacking organizations, as well as scam messages targeting victims of data breaches. With AI, this can be done faster, on a larger scale, and the messages are harder to detect,” the regulator says.
AP Vice Chair Monique Verdier warns that the risks associated with data breaches will become even greater in the future because of AI. To counter these risks, businesses and organizations are recommended to implement effective monitoring.