On Monday morning, March 3, 2025, the Dutch government faced significant disruptions as DigiD, the electronic identification system, experienced outages due to large-scale DDoS attacks. This has left many users struggling to log onto various government platforms, including MijnOverheid, the Belastingdienst (Tax Authority), and UWV.
According to Logius, the agency responsible for managing DigiD, the issue first arose at approximately 09:08 AM. The situation has led to widespread reports of login failures from users, who are unable to access the services they need. Major disruptions were also noted on Saturday, March 1, when people encountered problems logging onto the Belastingdienst to file their taxes for 2024. Users reported receiving notifications indicating the maximum number of logins had been reached for the Mijn Belastingdienst page, exacerbated by high traffic to the site.
Logius stated on their official website, "DigiD, DigiD Machtigen, BSNk, Digipoort en MijnOverheid zijn beperkt beschikbaar door terugkerende DDoS-aanvallen. Er wordt hard gewerkt aan een oplossing." This translates as, "DigiD, DigiD Authorization, BSNk, Digipoort, and MijnOverheid are limited due to recurring DDoS attacks. Efforts are being made to find a solution." The surge of traffic associated with these DDoS attacks has put immense strain on the network, making it difficult for legitimate users to log on.
The impact of these outages is particularly notable as they coincide with the beginning of the annual tax filing season, which was officially initiated this past weekend. Given DigiD's role, especially during peak periods, the outages are causing distress not just among everyday citizens but also businesses relying on government services at this time.
Utilizing DigiD has become increasingly common, with approximately 403 million access instances noted annually, along with over one million daily logins servicing around 18.3 million users, including Dutch citizens living abroad. This digital authentication tool has been pivotal for the Dutch public, allowing secure sign-ins for tax filings, social security, and other administrative services.
The recent attack is not the first of its kind. A similar incident occurred back in January, which likewise led to disruptions across several government services, with reports indicating the network became overwhelmed due to excessive traffic. At this point, it remains unclear how long the current outages will persist or what measures will be implemented to fully restore functionality.
Logius continues to investigate the cause of these DDoS attacks, which typically overwhelm systems with manipulated traffic, effectively shutting them down and preventing real users from accessing important services. Monitoring tools have reportedly recorded thousands of user complaints detailing login issues. It is noted on the website Allestoringen.nl, where thousands have registered experiences of not being able to access their accounts on DigiD among other platforms.
Experts and officials are calling for enhanced cybersecurity measures as reliance on digital infrastructures continues to grow, emphasizing the urgent necessity for protected channels for sensitive services. With each incident prompting greater scrutiny over cybersecurity protocols, it is increasingly recognized how susceptible digital platforms are to malicious attacks.
Until these issues are resolved and full service is restored, users are encouraged to remain vigilant for updates from Logius. The frustrations caused by such outages not only affect individual taxpayers but also have broader ramifications for government efficiency and public trust.
The Swiss Army knife of digital government services, DigiD is intended to streamline administrative processes for the Dutch populace. That its functionality can be so rapidly compromised is concerning. The hope now is for swift intervention and recovery measures to restore it before the tax filing deadline weighs heavier on the public's shoulders.