Theft of personal data
On Tuesday, 1 October, we received an unpleasant surprise when police informed us that the personal details of Strukton Rail employees in the Netherlands and Eurailscout employees in the Netherlands had been stolen.
On Thursday, 3 October, the investigation showed that a temporary employee who is no longer working at Strukton photographed the data of probably all Strukton Rail and Eurailscout former and existing employees in the Netherlands. This employee had access to this data pursuant to his function. Exactly what was stolen: names, dates of birth, initials, address details, date hired, date of departure (if applicable) and bank account numbers. At the present time everything indicates that this was a one-off and individual action. On Thursday, 3 October, we reported the incident to the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).
We truly regret this incident and are doing everything in our power to avoid its reoccurrence. The reality is that theft can never be entirely excluded.
This incident shows that the abuse of confidential information is always lurking around the corner. We are doing everything we can to prevent data leaks. Further to this incident we will be evaluating all our working arrangements and processes, and where possible implement improvements.