German agency aware of cyber intrusion in Dec

Share

Links to the data were tweeted out by a Twitter account @_Orbit in the form of an Advent calendar leading up to Christmas - but no one took notice of it until Thursday night.

The leak appears to have originated on a Twitter account operated from Hamburg and the authorities in the north German city say they are now working with the Irish Data Protection Commissioner to stop the spread of German politicians' data.

Martina Fietz, a spokeswoman for Merkel, told reporters that "it appears, at first sight, that no sensitive information and data are included in what was published, including regarding the chancellor".

"This data breach of hundreds of German politicians is alarming, but at the same time it's not surprising", said Mike Hart at commercial cyber security firm FireEye, citing previous hacks.

Chancellor Angela Merkel was caught up in the attack, as her email address and several letters to and from the chancellor appear to have been published. The spokesperson said the company recently updated its rules to prohibit the posting of "hacked material that contains private information, trade secrets or could put people in harm's way".

Beyond politicians, the leak also exposed the private data of celebrities and journalists, including chats and voicemail messages from spouses and children of those targeted.

While the populist Alternative for Germany (AfD) was notably absent in the hack, authorities say there may be AfD member data in the leaks since due to their large size, not all of the data has been fully examined.

More news: Golden Globes Co-Host Not Interested in Mentioning Trump During Show
More news: Unai Emery doesn’t look at contract situations — Sky Sports reporter
More news: Survival guide to Liverpool winning the Premier League

German officials said that there are now no suspects in the case.

By its own account, the Federal Criminal Police Office only learned of the data hack on Friday, shortly before it became public, according to a document the top investigative body sent to lawmakers.

In 2015, members of the Bundestag were targeted by the Russian threat group known as APT 28 (also known as Fancy Bear-the GRU intelligence operation identified and indicted by the US Justice Department).

Another TV satirist, Christian Ehring, is said to have had 3.4 gigabytes of data stolen and posted online, including holiday photos. "This is about attempting to destabilise Germany society", British security expert Graham Cluley blogged.

Interior Minister Horst Seehofer said "data may have been obtained through the misuse of access data to cloud services, e-mail accounts or social networks".

"It's a very elaborately done social engineering attack", he said Friday by phone.

Share