Reporting a security breach

We do all we can to keep our systems secure. But it's always possible that you'll spot a weakness we've missed. If you do, please let us know, so that we can do something about it quickly. Reporting problems you come across is known as responsible disclosure.

How to report a problem?

  • Please mail details to responsible.disclosure@sidn.nl. You can also use our file transfer for this: https://fileshare.sidn.nl/. If you need help with that, call us on +31 26 352 5555.

  • Include as much information as possible, because that will help us reproduce the problem and put it right. We'd ideally like to have a description of what you discovered, complete with IP addresses, logs, screenshots and so on.

  • Please include your contact details (phone number or e-mail address), so that we can get in touch if we need to know more.

Beveiligingslek melden

Other important points

  • Don't tell anyone what you found.

  • Destroy any data you've stumbled on.

  • Don't go deeper into our systems than you need to in order to show that there's a problem.

  • Don't abuse a vulnerability you've discovered. If you do, we'll inform the police.

What we'll do

  • We'll e-mail you within one working day, confirming receipt of your report.

  • Within five working days, we'll respond to the substance of your report and tell you when the issue will be resolved. Weaknesses are fixed as soon as possible and certainly within three months.

  • We'll keep you updated about progress with fixing the issue.

  • With your help, we'll decide whether information about the issue should be published. We'll name you as the person who discovered the problem only if you want us to.

  • Thursday 14 March 2019

    .nl domain name

    SIDN analyses Belsimpel.nl

    SIDN-analyseert-Belsimpel-thumbail

    Van een startkapitaal van € 2.000,- naar een omzet van € 200 miljoen

    Read more
  • Tuesday 25 September 2018

    Internet security

    Cybercrooks use fake websites to harvest health insurance data

    Thumb-Unive

    SIDN identifies more than 450 phishing sites exploiting health insurers' brand familiarity

    Read more
  • Wednesday 11 April 2018

    DNSSEC

    EC recognises DANE as standard for tendering

    Thumb+DNSSEC+news

    Ensure technical interoperability across government bodies throughout the EU

    Read more

Sorry

Your browser is too old to optimally experience this website. Upgrade your browser to improve your experience.