The rapid advancement of artificial intelligence is significantly enhancing the sophistication of phishing attacks and cybercrime, prompting the Dutch Data Protection Authority to call for immediate action to bolster cybersecurity measures. The authority emphasizes that criminals are increasingly leveraging AI to craft highly realistic and personalized phishing emails by utilizing information from past data breaches. This trend poses a significant threat, as successful phishing attempts can lead to account takeovers and potentially facilitate larger cyberattacks on organizations.
Statistics from the authority underscore the urgency of this issue. There has been a notable increase in account takeover incidents, with cases rising dramatically from 607 in 2024 to 1,742 in 2025. Additionally, the authority received a staggering 39,407 data breach notifications in 2025 alone, underscoring the escalating cybersecurity challenges confronting businesses and public institutions alike.
In light of these developments, the regulator is advising organizations to take proactive measures to safeguard their data and systems. This includes implementing comprehensive cybersecurity policies and enhancing data protection practices. One critical recommendation is to avoid storing sensitive information in centralized systems, which can be particularly vulnerable to large-scale cyberattacks.
Organizations are urged to act swiftly to mitigate the risks posed by these evolving threats. By adopting robust cybersecurity strategies and staying vigilant against the sophisticated tactics employed by cybercriminals, businesses and institutions can better protect themselves against potential breaches and their potentially devastating consequences.
