Breach cyber

Dutch National Police

May 28, 2025 1 min read
Dutch National Police

A newly identified Russian cyber-espionage group, Laundry Bear, breached the Dutch national police in September 2024. The attack resulted in the theft of work-related contact details of multiple officers, including names, email addresses, phone numbers, and some private personal data. The attackers gained access by compromising a police employee’s account and extracting contact information via the Global Address List (GAL) using a pass-the-cookie attack.

Source: https://cybersafe.news/russian-cyberspy-group-laundry-bear-tied-to-dutch-police-breach/

TPRM report: https://scoringcyber.rankiteo.com/company/politie-nederland

"id": "pol740052825",
"linkid": "politie-nederland",
"type": "Breach",
"date": "5/2025",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'industry': 'Law Enforcement',
                        'location': 'Netherlands',
                        'name': 'Dutch National Police (Politie)',
                        'type': 'Government'}],
 'attack_vector': 'Pass-the-cookie attack',
 'data_breach': {'personally_identifiable_information': True,
                 'type_of_data_compromised': ['Contact details',
                                              'Private personal data']},
 'date_detected': 'September 2024',
 'date_publicly_disclosed': '2024',
 'description': 'A newly identified Russian cyber-espionage group, dubbed '
                'Laundry Bear, has been linked to the September 2024 security '
                'breach of the Dutch national police, according to a joint '
                'advisory from Dutch intelligence agencies.',
 'impact': {'data_compromised': ['Names',
                                 'Email addresses',
                                 'Phone numbers',
                                 'Private personal data']},
 'initial_access_broker': {'entry_point': 'Compromised police employee’s '
                                          'account'},
 'motivation': 'Espionage aligned with Russian strategic interests',
 'post_incident_analysis': {'root_causes': 'Stolen authentication cookie'},
 'references': [{'source': 'Dutch General Intelligence and Security Service '
                           '(AIVD)'},
                {'source': 'Military Intelligence and Security Service '
                           '(MIVD)'}],
 'threat_actor': 'Laundry Bear (Void Blizzard)',
 'title': 'Security Breach of Dutch National Police',
 'type': 'Cyber Espionage',
 'vulnerability_exploited': 'Stolen authentication cookie'}
Published by
Jeremy C
Jeremy C
You might also like
Breach cyber

Airpay

public 1 min read
Cybercriminals have compromised Airpay, exposing sensitive financial data of thousands of users and businesses. Threat actors claim to have accessed…
Jeremy C Jeremy C
Breach cyber

Tea

public 1 min read
Cybercriminals breached a legacy data storage system used by the Tea app, gaining unauthorized access to approximately 72,000 images,…
Jeremy C Jeremy C
Breach cyber

Optus

public 1 min read
The Optus breach in 2022 involved attackers stealing millions of customer records through an unauthenticated API endpoint. This incident cost…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.