This page is a sub page of the case file for case DIVD-2025-00041 - Victim Notification Operation Endgame S03E01, which contains the general information about this case.
Some of your credentials were found in Operation Endgame edition S03E01 and have been stolen an infostealer
If you are reading this it probably means that your data was found in the dataset of Operation Endgame S03E01.
What does this mean?
Your credentials where likely stolen from from a computer by criminals operating infostealer malware and have been discovered by the Dutch Police in the forth quarter of 2025 as part of Operation Endgame. The criminals either intended to sell these credentials to other criminals or to abuse these accounts to make more victims.
What should I do?
We need your help to make sure criminals can no longer abuse the information they have about you.
Here are a few steps you can take:
- If you recognize the password, change it immediately to prevent future abuse.
- If you’re unable to change your password because you are locked out of your account, contact your administrator and ask for a password change as soon as possible.
- Have you used this email address and password elsewhere? Change it immediately. Criminals often try the same username/password combinations on many different services and accounts.
- Never use this combination of email address and password anywhere else again. This email address and password is now noted in databases and traded amongst criminals, which makes them very easy to guess or crack.
- There might still be malware on your computer. Perform a virus scan to check if there is malware and take actions if there is.
- Enable dual or multi factor authentication (MFA). This stops an attack from criminals if they know your password. implement two-step verification in as many places as possible.
- If this email address is a business email address, you are recommended to reach out to the security department of that organization.
Mind you, what we emailed you is a masked password. All characters in the password were replaced by an asterisk (*) except the four last characters. So e.g. the password VeryWeakPassword01! would have been transformed to ***************d01!.
More questions?
The main case file contains a Frequently Asked Questions (FAQ) section. If that does not answer your questions, please reply to the email you received or email us at DIVD-2025-00041@csirt.divd.nl.
For more information, see the main case file.