Confidence MediumMay 22, 2026acm.nl

Dutch civil servants from Authority for Consumers and Markets (ACM) affected by Microsoft data leak

PatternExternal actor · Error · Confidentiality impact

Names of civil servants from the Authority for Consumers and Markets (ACM), involved in implementing the Digital Services Act (DSA), were reportedly shared by Microsoft with the U.S. House of Representatives without redaction.

Signal date

May 22, 2026

Updated

Jun 24, 2026

Confidence

Medium

Sources

1 source

Acm

Domain: acm.nl
Sector: Information
Signals: 1 linked

Scan this company

Signal context

First seen: May 22, 2026

Last updated: Jun 24, 2026

Status: Public signal

Key points

Names of Dutch civil servants from ACM leaked.
Involved in Digital Services Act (DSA) implementation.
Data shared by Microsoft with U.S. House of Representatives.

Signal analysis

Beta

This analysis groups the signal by industry, likely incident action and impacted security area. It helps compare this signal with other published signals without treating the labels as final determinations.

Affected organization

Acm

Sector: Information

Likely country: 🇳🇱 Netherlands

inferred from company domain

Estimated

Threat source

Error activity

Watch process controls, misconfiguration and accidental disclosure paths.

Source type: outside the affected organization

Business impact

Potential data exposure

Impact area: Confidentiality

Trend context

7 signals with similar action pattern

19 signals in the same sector
66 signals with the same likely impact area
1 signal linked to this organization/domain

Mentioned entities

AcmSuspected Data ExposureDutchAuthority for Consumers and MarketsACMMicrosoftNames ofDigital Services ActDSAU.S. House of Representatives

External sources

Microsoft accused of leaking Dutch civil servants' names to U.S. government | NL Timeshttps://nltimes.nl/2026/05/22/microsoft-accused-leaking-dutch-civil-servants-names-us-governmentPublic source from nltimes.nl.

Related signals

Grouped by why the signal is relevant.

CharterMay 26, 2026

Same sectorSame action patternSame impact area

Charter Communications Confirms Data Breach After ShinyHunters Extortion Threat

U.S. telecommunications giant Charter Communications (operating as Spectrum) confirmed a data breach after the ShinyHunters extortion group threatened to leak stolen data. The breach, which reportedly occurred on April 1, 2026, involved a vishing attack that compromised an employee's Microsoft Entra account, leading to the export of millions of customer records from the company's Salesforce instance. ShinyHunters claimed to have stolen 40 million (or 4.9 million to 13 million in other reports) customer records, including names, email addresses, physical addresses, phone numbers, plan information, and customer support ticket data. Charter denied that sensitive personal information or customer proprietary network information (CPNI) was exfiltrated.

LastpassJun 23, 2026

Same sectorSame impact area

LastPass confirms data breach in Klue supply chain attack

LastPass announced that hackers accessed customer data from its Salesforce environment after stealing the company's OAuth tokens in a supply chain attack targeting Klue, a third-party market intelligence platform. The unauthorized actor obtained OAuth tokens from Klue, which were then used to access LastPass customer data. Exposed information includes customer names, phone numbers, email addresses, physical addresses, support case information, and sales/CRM-related data. LastPass stated that its core products, services, and infrastructure, including customer vaults, were not affected by this incident. The Icarus extortion group claimed responsibility for the Klue attack.

SnykJun 22, 2026

Same sectorSame impact area

Snyk impacted by Klue supply chain attack

Snyk, a cybersecurity firm, was affected by a supply chain attack on market intelligence platform Klue. The attack compromised Klue's integration with Salesforce, leading to the exfiltration of business information from Snyk's Salesforce CRM, including sales account data and business contact information such as names, email addresses, job titles, and phone numbers. Snyk stated the intrusion was limited to its Salesforce instance and did not involve its internal systems.

OnetrustJun 22, 2026

Same sectorSame impact area

OneTrust impacted by Klue supply chain attack

OneTrust, a cybersecurity firm, was affected by a supply chain attack on market intelligence platform Klue. The attack compromised Klue's integration with Salesforce, leading to the exfiltration of business information from OneTrust's Salesforce CRM, including sales account data and business contact information such as names, email addresses, job titles, and phone numbers. OneTrust stated the intrusion was limited to its Salesforce instance and did not involve its internal systems.

JamfJun 22, 2026

Same sectorSame impact area

Jamf impacted by Klue supply chain attack

Jamf, a cybersecurity firm, was affected by a supply chain attack on market intelligence platform Klue. The attack compromised Klue's integration with Salesforce, leading to the exfiltration of business information from Jamf's Salesforce CRM, including sales account data and business contact information such as names, email addresses, job titles, and phone numbers. Jamf stated the intrusion was limited to its Salesforce instance and did not involve its internal systems.

HuntressJun 22, 2026

Same sectorSame impact area

Huntress impacted by Klue supply chain attack

Huntress, a cybersecurity firm, was affected by a supply chain attack on market intelligence platform Klue. The attack compromised Klue's integration with Salesforce, leading to the exfiltration of business information from Huntress's Salesforce CRM, including sales account data and business contact information such as names, email addresses, job titles, and phone numbers. Huntress suggested that a threat actor named Icarus might have been responsible for the attack.