The Waternet Foundation, which is responsible for the drinking water supply, sewerage and water management of more than one and a half million households in the Amsterdam region, has major problems with digital security.
This is the conclusion of research
platform Follow the Money
(FTM) on Saturday based on internal documents and discussions with employees.
According to employees of the company, who wanted to remain anonymous for security reasons, the question is not "if, but when" security will cause major problems.
"The joke is sometimes made that you can then flood all of Amsterdam," said a source at
The IT staff describe that measures taken or previously taken to get security in order are often reversed by managers from the point of view of the "ease of use" of employees.
For example, IT workers tried to prohibit the use of personal computers on the internal network, because in practice they often lag behind updates.
However, this was reversed when complaints were made within the company.
Moreover, many employees are given too many rights (over-authorization) and can therefore access more data than is necessary for their position.
As a result, an error made it possible for all Waternet employees to access the confidential data of some 200,000 customers earlier this year.
Duty to ensure security
According to the National Coordinator for Counterterrorism and Security (NCTV), the company has a duty to take sufficient measures to guarantee the security of the systems, because it is seen as a vital service provider.
According to sources within the company, the problems started when Waternet started further digitizing its processes and systems in 2010.
The company wants to digitize even further in the coming years.
In a response, Waternet says that many of the reported safety issues have already been addressed or are being worked on.
Waternet also says that processes and procedures are initiated when there is a suspicion of a data breach.