Personal data and documents from hundreds of German politicians and public figures including Chancellor Angela Merkel have been published online in what appears to be one of Germany’s most far-reaching data breaches.
A preliminary analysis showed the data had been obtained through “wrongful use of log-in information for cloud services, email accounts or social networks”, Interior Minister Horst Seehofer said in a statement late on Friday.
He said there was no evidence that the computer systems of the German lower house of parliament or the government had been compromised, but provided no further details.
The ministry said it remained unclear if the breach, which triggered an emergency meeting of the BSI national cyber defense agency, was the result of a hack or a leak.
Authorities were investigating all possibilities, including espionage, according to one government source, who said it was unlikely that any single person could have compiled the massive amounts of data that had been released.
The public broadcaster rbb, which broke the story, said the data, published on a Twitter account, included addresses, personal letters and copies of identity cards. It said the identity of the perpetrators and their motive were not known.
The twitter account, which existed for four years and has now been deleted, first began releasing data in December in an electronic “Advent calendar”. The extent of the data leaks first became apparent late on Thursday evening, sources said.
German media said a fax number and two email addresses used by Merkel had been published but the government said it appeared no sensitive material from her office had been released.
The hacked material included private chats by Greens leader Robert Habeck with family members and the identity cards of his children, a source familiar with the matter said.
Die Welt newspaper reported late Friday that published lists included names of 410 members of Merkel’s conservatives, 230 Social Democrats, 106 Greens party members, 91 members of the radical Left party and 28 Free Democrats.
POLITICAL PARTIES HIT
The BSI said all but one of the seven parties in the lower house had been affected. German media said that party was the right-wing Alternative for Germany (AfD).
Last year, lawmakers said a powerful cyber attack had breached the foreign ministry’s computer network.
Security officials have blamed most previous breaches of data security on a Russian hacking group, while the Kremlin has consistently denied involvement in such incidents.
The BSI met to coordinate the response of intelligence and other federal agencies.
The Defense Ministry said the armed forces were not affected. The public broadcaster ARD – affiliated to rbb – said its journalists had as yet detected no incriminating content.
The city-state of Hamburg was working with Irish data protection authorities to stop the data being spread via Twitter, but said the company had not been responsive.
It said the Twitter account used to spread the data had been deleted, but that it was still pressing for the deletion of links to data on other platforms.
Security officials have blamed most previous attacks on a Russian hacking group, APT28, that experts say has close ties to a Russian spy agency. Experts held the same group responsible for an attack ahead of the 2016 U.S. presidential election.
Bild newspaper reported that German authorities had asked the U.S. spy agency NSA for assistance.