‘Mass hack attack’ against politicians raises eyebrows in Berlin

The Bundestag [Andy Ducker/Flickr] [Andy Ducker/Flickr]

Hackers posted personal data, including credit card details and mobile phone numbers, of hundreds of German politicians, national media reported on Friday (4 January).

All major German parties except for the far-right AfD have been affected, the report said. The identity of the hackers and their motive are not known yet.

The data, published on a Twitter account seen by EURACTIV, also included addresses, personal letters, and copies of identity cards, the public broadcaster said.

The data was spread on Twitter before Christmas, staged as an advent calendar, but the breach was not noticed until Thursday evening. The operator of the account in question claims to be based in Hamburg and had more than 17.000 followers as of Friday morning.

Reuters was not immediately able to confirm the report as it was initially open if all data is authentic.

In first reports, German Chancellor Angela Merkel was also said to be affected by the hack, suggesting that the Twitter account displays a fax number, an e-mail address and several letters from and to the Chancellor.

“With regard to the Chancellery it seems that, judging by the initial review, no sensitive information and data have been published and this includes (from) the chancellor,” Merkel’s spokeswoman told reporters at a regular government news conference in Berlin.

Among the victims of the hacker attack is according to the “Bild” newspaper also Federal President Frank-Walter Steinmeier.

EURACTIV.com’s media partner in Germany Der Tagesspiegel reported that the data published also includes numerous private Facebook chat messages from the SPD member of the German Bundestag Klara Geywitz and CDU delegate Rainer Genilk, which address collusion on various topics with party colleagues.

In addition to politicians, also data of German celebrities and journalists had been published, including private data such as holiday pictures.

German Justice Minister Katharina Barley (SPD) described the incident as a “serious attack”.

She said perpetrators should be quickly identified as well as their potential political motives. “Criminals and their backers are not allowed to dominate debates in our country,” Barley warned.

An spokesman of the German interior ministry declined to confirm that the data breach, which triggered an emergency meeting of the national cyber defense body, was the result of a hack. Meanwhile, a spokesman of the German defence ministry said the armed forces were not affected either, Reuters reported on Friday afternoon.

EU suffers major cyber-security scandal with publication of 1,100 secret cables

A trove of hacked EU diplomatic cables made available to the New York Times revealed no major secrets, but displayed the remarkably poor protection of routine exchanges among EU officials.

Politicians from Germany’s far-left Linke party confirmed they had been affected by the hacking incident, a spokesman for the party’s parliamentary group said on Friday.

“I can confirm that there has been an incident”, the party’s spokesman said, adding that Dietmar Bartsch, leader of the party’s group in Germany’s lower house of parliament, was personally affected.

The National Cyberdefence Centre, a German government agency established to respond to attacks on domestic government information networks, held an emergency meeting on Friday morning. The agency coordinates the measures of the Federal Office for the Protection of the Constitution, the Federal Criminal Police Office and the Federal Intelligence Service.

According to German media, the German Federal Office for Information Security (BSI) has been informed and is investigating the hacking case since Friday morning. However, according to the latest information, the secure internal network of Germany’s government has not been affected by the hacking incident, “Bild” newspaper reported on Friday, citing sources inside the state’s security agency BSI.

Not the first hack attempt

What constituted one of the biggest attacks on an internal German government network so far became known in May 2015. According to current public information, hackers on 30 April 2015 sent an e-mail titled “Ukraine conflict with Russia leaves the economy in ruins” with an “@ un.org” handle to several members of the German Bundestag.

When activating the link, a fake UN unnoticedly installed malicious software on the computer of the mail recipient and granted the hackers access where they spent weeks spying on the German Bundestag computer servers.

Behind the hacker attacks on the German Bundestag and the federal data network is, according to findings of British cyber defence experts, the Russian military intelligence service GRU. According to a list published by the National Cyber Security Centre in late 2018, the GRU is linked to the hacker group “APT 28”, which is responsible for the attacks in Germany.

Smaller incidents had been also been detected both, in late 2016 and in the months before the German election in 2017. Last year, according to lawmakers, a powerful cyber attack had breached the foreign ministry’s computer network.

This article will be updated with reactions and developments.

Subscribe to our newsletters