This morning on Friday, February 28, 2020, we received several support tickets indicating false information being shown (on the payslip) within the Nmbrs® application.
After initial investigation we have decided that the issues could potentially affect multiple customers. To prevent employee data from being potentially compromised, we made the decision to bring the full Nmbrs® platform offline at 11.09h.
While in maintenance mode, we were able to identify the root cause of the issue. We fixed the issue, verified and validated this with our test-and-update protocols and updated our Nmbrs® production environment and brought the Nmbrs® platform back online at 13.56h. The number of identified affected parties is limited to a small number of cases.
We have already reported the matter to the Autoriteit Persoongegevens (the dutch privacy supervisory authority). All identified directly affected parties will receive a detailed incident report today.
We would like to emphasise that no unauthorised users have accessed the platform. The data that was exposed didn’t contain directly identifiable information.
We take your data protection and privacy very seriously. We want our customers to know that the trust they have placed in us is paramount and therefore have created a set of remediation actions to keep ensuring high security and data protection standards.
If you have questions or need assistance please contact us at email@example.com