mensura.be was not designed by a small firm
so they made a mistake and disregarded everything that they should have known and that there developers should have done because as a big agency they have the money and the resources to do the necessary tests to be sure that there are no traditional OWASP 10 mistakes in their online forms for example (like sql injection)
this is one of the biggest agencies around here
which other websites did they forget to check for securitymistakes ?
so you can ask yourself what else was forgotten on mensura.be ?
I can't know because in Belgium you only can be prosecuted for that ....... If some of the complaintants wants an independent security check by real professionals I trust for my work and has money for it during the course of the investigation, I can put you into contact (also if you need forensic experts to look for proof that they are now trying to destroy of their fuckups)
use my linkedin please