Massive data breach at Epe municipality exposes personal data of residents
Over 600,000 files containing personal data, including names and addresses, have been leaked in a cyberattack on the Municipality of Epe. Residents are urged to stay alert for potential fraud as authorities investigate the breach and its impact.
| Key Data | Details |
|---|---|
| Date of Announcement | March 14, 2026 |
| Date of Update | March 16, 2026 |
| Method of Breach | Phishing (ClickFix) |
| Data Leaked | Over 800 GB, approximately 600,000 files |
| Type of Data | Personal data (names, addresses), internal documents |
| Affected Parties | Residents, Municipality of Epe |
| Report Filed With | Dutch Data Protection Authority |
| Municipal Elections | Safe to proceed on March 18, 2026 |
| Source of Updates | Municipality of Epe Website |
The Municipality of Epe is responsible for local governance, including the protection of residents' personal data and the security of its digital systems. In this case, it is coordinating the response to the data breach, ensuring affected individuals are informed and systems are secured.
Stay awake! ☕
Government news can be dry sometimes. Luckily your coffee keeps us awake.
Read the full translated article below
Update on data breach at Municipality of Epe
On Saturday, March 14, we announced that data from the Municipality of Epe had been leaked. At the time, the full extent of the data breach was not yet known. We now know that the hack was carried out by professionals and was initiated through a form of phishing: ClickFix. More than 800 gigabytes of data have been leaked, consisting of approximately 600,000 files of varying sizes.
Mayor Tom Horn: “Both residents and the Municipality of Epe organization have fallen victim to cybercriminals. I deeply regret that data has been leaked, particularly personal data. For this reason, we have filed a report with the Dutch Data Protection Authority. We are doing everything possible to inform those affected as carefully as possible. The cause and scope of the data breach are being further investigated.”
What data is contained in the files
The files were stored on an internal work disk and contain a wide variety of information and data. Due to the large number of documents, it is taking time to determine exactly which data has been leaked and to whom. We do know, however, that files containing personal data, such as names and addresses, have been leaked. As soon as more specific information becomes available, we will inform those affected by letter. Unfortunately, we do not yet know when this will be. We share general updates about the data breach via our website.
What this means for residents
Criminals may misuse the personal data, for example for fraud. We therefore ask residents to remain vigilant. On the website of the Dutch Data Protection Authority (link is external), you will find tips and more general information about the misuse of personal data.
What this means for the security of the Municipality of Epe’s systems
On Thursday, we immediately checked and secured the systems together with cybersecurity experts. With the measures taken, we can continue to safely provide services to our residents, institutions, and businesses. The municipal office was therefore open from Friday morning according to normal opening hours, and our digital services via MijnEpe continued to operate. We have received many questions about the upcoming municipal elections: you can vote safely on Wednesday, March 18.