The recent hack at the police, in which data of 62,000 employees was captured, was supposedly done through a pass-the-cookie attack. The police and Justice and Security Minister Van Weel recently revealed that.
The Team High Tech Crime (THTC) of the National Investigation and Interventions (LO) Unit investigated the hack. "The goal of such an attack is to gain access to a user's account or application without requiring password login again. In a successful pass-the-cookie attack, an active session of an account is taken over with the corresponding permissions," the police and minister said in a statement.
"After a successful attack, malware can be installed that forwards data such as cookies to a hacker that can be used to gain access. In this case, we know that the address book was captured," the police and minister added. "There are still no indications at this time that any other data besides the data from outlook's global address list has been captured," Van Weel said.
