Authorities have taken a police external server offline and launched an investigation after an IT expert identified security vulnerabilities in the system, according to the Luxembourg police.

The Luxembourg police confirmed Thursday they are addressing security vulnerabilities discovered on one of their external servers.

Authorities have engaged judicial officials and GovCert, the national cybersecurity agency, to investigate the matter.

The incident follows recent warnings from European cybersecurity experts about inadequate data protection measures during file transfers. A local IT specialist alerted the Luxembourg police to vulnerabilities in the external system.

According to a police response to an enquiry by our colleagues from RTL.lu, the compromised server was immediately taken offline upon detection of the vulnerability. Officials emphasised that the incident had no impact on daily police operations or internal infrastructure and confirmed that no sensitive data - whether personal information or case-related materials - was accessed or exposed.

The security issue involves a third-party audio/video transfer system developed by an Israeli company.

International cybersecurity reports have identified similar vulnerabilities in the same software platform used by other law enforcement agencies abroad.