DPA - Dutch Data Protection Authority

07/08/2026 | Press release | Distributed by Public on 07/08/2026 09:46

AI increases the risks of cyberattacks

AI increases the risks of cyberattacks

The rapid growth of artificial intelligence (AI) is increasing the risks of cyberattacks. There is a growing risk of phishing and data breaches. The Autoriteit Persoonsgegevens (AP), the Dutch data protection authority, has issued a warning about this in its annual overview of data breaches in the Netherlands. Organisations must take action now and get their digital security in order, according to the AP. Only in this way can they protect people's data against increasingly sophisticated forms of cybercrime.

The risks come from two directions and reinforce each other, much to the AP's concern. Phishing attacks, which AI enables to become increasingly sophisticated, are both a consequence of data breaches and, increasingly, the cause of them.

Phishing messages that look increasingly realistic

On the one hand, AI enables criminals to create and send increasingly realistic fake messages (phishing messages

In the case of phishing, cybercriminals send fake emails, often to email addresses obtained through a data breach. This way, they try to obtain information (such as login details) and use this information for gaining access to a network or system.

) to potential victims more quickly and on a larger scale. Among the ingredients criminals use for these targeted, personalised phishing messages is information they have previously obtained following data breaches. For example, the name and contact details of a potential victim, plus the name of that person's bank or a company of which they are a customer.

Three times as many 'account takeovers'

On the other hand, phishing attacks are not only a consequence of data breaches but are also - increasingly - a cause of them. For example, an email containing a fake link that looks genuine can lead to an organisation's employee's account being taken over, after which a larger cyberattack on the organisation begins.

The AP has observed a sharp rise in this type of 'account takeovers': from 607 in 2024 to 1,742 in 2025 - almost a threefold increase.

Risk of a flywheel effect

Taken together, this risks creating a flywheel effect. Criminals can use AI-generated phishing messages to attempt to steal data more frequently and more quickly. They can then feed the stolen data into AI applications, which in turn use it to create new, 'improved' phishing messages. The criminals then use these to try to defraud individuals or employees, and so on. This creates an ever-stronger interplay between data breaches and cybercrime. That is why it is essential for organisations to bring their digital defences up to standard.

Ready-made 'phishing kits'

A worrying development in this regard is the availability of ready-made 'phishing kits'. These are complete, digital DIY packages that allow malicious actors to get started without requiring too much technical knowledge. These phishing kits are traded online. The AP explores this in greater depth in its latest data breach report.

Far-reaching cyberattacks

'We have recently seen a series of major and far-reaching cyberattacks in the Netherlands. AI threatens to make the risks associated with such data breaches even greater,' warns AP vice chair Monique Verdier.

Top of the agenda

This year, the House of Representatives of the Netherlands has devoted special attention to the issues surrounding data breaches and cybersecurity in committee debates and meetings. At the invitation of the House of Representatives, the AP has provided further clarification on this matter. The implications of the rise of AI for data breaches and cybersecurity show that society's sense of urgency must not fade for a moment - quite the contrary. Verdier: 'Digital security must absolutely be at the top of the agenda.'

Security is a matter for the top level

Organisations, too, need to address digital security. The AP provides advice on this in its latest report on data breaches, as well as during ongoing consultations with, amongst others, the business community and the government. These developments show just how closely AI, cybersecurity and the protection of personal data are now intertwined. That is why the AP is committed to ensuring secure and resilient digital services so that people can trust that their personal data is properly protected in the digital world.

The AP now expects directors and management teams - particularly in larger organisations - to treat digital security as a top priority rather than an afterthought. Verdier: 'Digital security is a matter for top management. As a director or chair of the board, you also have a social responsibility towards your customers and your staff. And if you want to look at it from a more business-orientated perspective: the costs you'll face following a hack are many times greater than the investment needed to get your digital affairs in order beforehand. Save yourself the trouble of losing customers because you haven't secured their data properly. In short, don't be the next one to be hacked. Get your security in order now.'

Read more

Further information can be found in the AP's latest report on data breaches. A total of 39,407 data breaches were reported to the AP in 2025, compared with 37,839 in 2024. Cyberattacks were the cause of 2,428 of the reported data breaches.

DPA - Dutch Data Protection Authority published this content on July 08, 2026, and is solely responsible for the information contained herein. Distributed via Public Technologies (PUBT), unedited and unaltered, on July 08, 2026 at 15:46 UTC. If you believe the information included in the content is inaccurate or outdated and requires editing or removal, please contact us at [email protected]