The German political establishment is reeling after personal data and communications from hundreds of politicians including Chancellor Angela Merkel were released by hackers.
Discovered only yesterday, the information had actually been released over the past fortnight by Twitter user ‘G0d’, who claims to be based in Hamburg and whose biog indicates is a security researcher with an interest in “satire & ironie.”
The data includes a mix of personal and political party information including email addresses, mobile phone numbers, photos of identity cards, direct debit authorizations, credit card info, chats with family members, and internal party communications, according to state broadcaster RBB.
Interestingly, members of all parties in the Bundestag are represented in the leak, except for the far right AfD, which could hint at the motivation of those behind the hack.
It remains to be seen how the data was obtained, although given the range of different information exposed it’s likely to have come from multiple different sources, the report claimed.
Although reporters and investigators are still combing through the data dump, the largest ever of its kind in Germany, there don’t appear to be any politically sensitive revelations contained therein.
German security agency the BSI is currently investigating the incident, which apparently also includes data on celebrities and musicians.
This isn’t the first time German lawmakers have been on the receiving end of cyber-attacks. Russian state actors were blamed for a 2015 attack on the Bundestag network which saw sensitive data stolen.
In 2017 the German parliament was reportedly able to repel an attack which lured lawmakers to a Jerusalem Post page infected with malicious ads, while last year, the BSI investigated a possible intrusion into a government communications network.
“Releasing personal data on politicians is far more targeted than we usually tend to see. However, officials in high powered positions must be all too aware of the associated risk and consequences of a breach,” argued ESET UK cybersecurity expert, Jake Moore.
“I would suggest they take a few minutes to cancel the cards in question and add fraud protection before the hacking world takes advantage of this breach.”