Passive Attack

An attack against an authentication protocol where the Attacker intercepts data traveling along the network between the Claimant and Verifier, but does not alter the data (i.e., eavesdropping).
SOURCE: SP 800-63

An attack that does not alter systems or data.
SOURCE: CNSSI-4009