Update on data hostage situation at supplier

Many residents and businesses in our management area received their water board tax assessment by mail at the end of May. This also applies if you have opted to receive the assessment in the message box. The assessment was sent on time, despite the hack at our supplier AddComm.

Due to the temporary hijacking of data at our supplier AddComm, they were unable to send the tax assessment digitally. Services to HHNK have now been resumed in a secure manner. Due to the privacy interests of customers, agreements have been made with the cybercriminals. You can read about how they responded to the hack on the AddComm website. AddComm posted a message about the ransomware attack on May 22 at . 

Is HHNK data involved in the data hostage situation? 

Data provided by HHNK from residents and businesses to AddComm has fallen into the hands of cybercriminals. AddComm has reached an agreement with the hackers and has reason to believe that this data will not be misused. Our advice: if you do not use direct debit, always check the account number to which you are transferring money: NL20 NWAB 0636 7586 80 (correct payments are also made to an ING account number ending in 2961. Preferably, use the first account number mentioned). Or pay via mijn.hhnk.nl. There you will always find an up-to-date overview of your assessments.

What data was in the hands of the criminals?

An investigation into the data breach at Addcomm is currently underway. It has already been established that the personal data of less than 4% of households in the HHNK area may have been compromised. We cannot yet rule out the possibility that personal data such as name, address, place of residence, social security number, account number, and, for example, property ownership details may have been compromised. Because there are many active hackers and personal data is increasingly falling into the hands of cybercriminals, we advise you to always be alert to misuse. Read our advice here. Or view the information provided by the fraud helpdesk.

HHNK does not provide telephone numbers or email addresses to AddComm, so that data cannot have been stolen. Phishing via email, WhatsApp, or text message does not take place using data provided by HHNK.  

How can I be sure that my data will not be misused?

Unfortunately, we cannot give you any certainty about this. However, based on the information provided by AddComm, we now assume that the data has been deleted and cannot be misused. See their message here . Despite this, we advise you to always be alert when making payments and especially when receiving unexpected mail. Check account numbers before making any payments.

Why is my tax assessment not listed in My HHNK?

The hack disrupted some of AddComm's services. As a result, the water board tax assessment will be available for download via Mijn HHNK a little later than usual. You can already find an overview of outstanding assessments in Mijn HHNK and you can also pay your assessment via this secure environment. 

What does AddComm do for HHNK?

Based on data provided by HHNK via a secure portal, AddComm produces (digital) water board tax assessments, reminders, warnings, and enforcement orders, and ensures that they are sent out. AddComm also provides similar services for around sixty municipalities and commercial parties. This means that our supplier has access to a great deal of data from a large number of individuals and companies.

When did HHNK become aware of the security incident at AddComm?

AddComm reported the security incident at HHNK on the afternoon of May 17. 

Has HHNK reported this to the Dutch Data Protection Authority? 

On May 19, we submitted a preliminary report of a possible data breach to the Dutch Data Protection Authority. Based on new information from AddComm, the report was supplemented on May 29.

Are HHNK's systems now also at risk?

HHNK's systems are not involved in this ransomware attack on AddComm. 

Is there a financial problem for HHNK?

No