CBP: DigiD should be safer

Criminals can easily find out the DigiD user names and passwords from citizens.

The watchdog also mentions a possible solution: send people an SMS with a code that they must enter when they have completed their username and password. This already happens in internetbankieren.Het CBP examined the safety, after 8500 people had mistakenly tried to log into the site from Digi -D, a Brabants advertising.

The site hit both their usernames and their passwords. Attackers would thus gained access to the tax information of the citizens. They could apply for all kinds of surcharges. The advertising agency has erased all data and problems are solved . But the DPA also says in other situations, abuse may be made of DigiD log data.