The rapid advancement of artificial intelligence is fueling an increase in sophisticated phishing attacks and cybercrime, prompting the Dutch Data Protection Authority to call for immediate enhancements in cybersecurity measures. Organizations are being urged to fortify their defenses as criminals leverage AI to craft highly believable, personalized phishing emails using data from previous breaches.
These advanced phishing techniques are not only more convincing but also pose a significant threat by enabling account takeovers. Such breaches can serve as a gateway for malicious actors to execute larger cyberattacks on businesses and institutions. The growing complexity of these threats underscores the need for heightened vigilance and proactive security strategies.
Statistics from the authority reveal a troubling trend: account takeover incidents have surged from 607 cases in 2024 to 1,742 in 2025. Furthermore, the authority received 39,407 data breach notifications in 2025, emphasizing the escalating cybersecurity challenges that organizations face today.
To mitigate these risks, the regulator recommends that organizations adopt comprehensive cybersecurity policies, bolster their data protection practices, and steer clear of storing sensitive information in centralized systems. By implementing these measures, entities can better safeguard themselves against potential large-scale cyberattacks.