About twelve hundred servers in the Netherlands have almost certainly been infected by large holes in Microsoft's security.
The consequences of this are major for organizations and companies, the National Cyber Security Center (NCSC) of the Ministry of Justice and Security said on Tuesday.
The cyber watchdog has found that hackers are stealing internal data from organizations, placing malicious software and building back doors that they can use in subsequent attacks.
In black markets, access to mailboxes of organizations is offered for sale.
The NCSC reported last week that 40 percent of all Microsoft Exchange e-mail servers in the Netherlands are still vulnerable.
Exchange is the server technology behind Outlook, Microsoft's email app.
At the beginning of this month, Microsoft reported the vulnerability, which has affected tens of thousands of organizations.
The company accused China of stealing emails.
An update has been available for two weeks that closes the security hole, but it has not yet been installed everywhere.
According to the NCSC, it is almost certain that the twelve hundred servers on which the update has not yet been performed are infected.
The cyber watchdog advises organizations and companies to keep scanning and checking for abuse.