ACCORDING to NL Times, more than 850,000 women were affected by the cyberattack on Clinical Diagnostics, with law enforcement investigating and large-scale compensation claims being prepared. In August 2025, Bevolkingsonderzoek Nederland revealed that data from cervical cancer screening was stolen after the lab paid the Nova ransomware gang’s demand, though the attackers later appeared to seek even more money.
The Dutch Health and Youth Care Inspectorate (IGJ) found that Clinical Diagnostics failed to adequately protect data, noting that its cybersecurity measures had not undergone an independent review and a proper risk assessment had not been carried out. Had the lab followed the rules, the inspectorate suggested, this could have reduced the likelihood of a major data breach and limited its consequences.
The attack, attributed to the ransomware group Nova, occurred in July 2025, when they demanded about 1.1 million euros in cryptocurrency and published parts of the stolen data on the dark web.