Help

BI’s Article search uses Boolean search capabilities. If you are not familiar with these principles, here are some quick tips.

To search specifically for more than one word, put the search term in quotation marks. For example, “workers compensation”. This will limit your search to that combination of words.

To search for a combination of terms, use quotations and the & symbol. For example, “hurricane” & “loss”.

Login Register Subscribe

German politicians' data published online in massive breach

Reprints
German politicians' data published online in massive breach

(Reuters) — Personal data and documents from hundreds of German politicians and public figures have been published online, in what appears one of the most far-reaching cyberattacks in a country that has become a target of choice for hackers.

It was unclear if the breach, which triggered an emergency meeting of the national cyber defense agency, was the result of a hack or a leak, an Interior Ministry spokesman said.

Chancellor Angela Merkel was affected, but an initial analysis showed no sensitive material from her office was released, said a government spokeswoman.

If the data release does stem from a hack, it would be the latest in a number of high-tech assaults on political institutions and key individuals in Germany.

Last year, lawmakers said a powerful cyberattack breached the foreign ministry's computer network.

Security officials have blamed most previous breaches on a Russian hacking group, while the Kremlin has consistently denied involvement in such incidents.

Cyber defense body BSI met in reaction to the latest attack to coordinate the response of intelligence and other federal agencies, a spokesman said.

Public broadcaster rbb, which broke the story, said the identity of the hackers and their motive were not known.

Government spokeswoman Martina Fietz confirmed personal data and documents "belonging to hundreds of politicians and public figures" had been released online.

German media said a fax number and two email addresses used by Chancellor Merkel had been published. "The information and data drained from the chancellery and that relate to the chancellor are manageable," Ms. Fietz told a news conference.

A defence ministry spokesman said the armed forces were not affected, and broadcaster ARD — affiliated to rbb — said its journalists had as yet detected no incriminating content.

'Alarming … but not surprising’

"This data breach ...is alarming, but at the same time it's not surprising," said Mike Hart, who works for commercial cybersecurity firm FireEye, citing previous hacks.

"...It highlights the need for the government to take cybersecurity very seriously."

Security officials have blamed most previous attacks on a Russian hacking group APT28 that experts say has close ties to a Russian spy agency. Experts held the same group responsible for an attack ahead of the 2016 U.S. presidential election.

Bild newspaper reported that German authorities had asked the U.S. National Security Agency for help in investigating the incident.

The mass-selling daily also said the secure internal network of Germany's government was not hit by the hackers, citing sources inside the BSI.

The BSI said all but one of the seven parties in the Bundestag lower house were affected. German media said that party was the right-wing Alternative for Germany.

Broadcaster rbb reported earlier that the data, from hundreds of politicians and published on a Twitter account, included addresses, personal letters and copies of identity cards.

"Whoever is responsible wants to intimidate politicians. That will not succeed," said Lars Klingbeil, secretary general of the centre-left Social Democrats, Chancellor Merkel's coalition partner.

 

 

 

 

Read Next

  • US imposes fresh sanctions for Russian cyber-related activity

    (Reuters) — The United States on Tuesday imposed sanctions on two Russians, one Russian company and one Slovakian company for what Washington said were their actions to help another Russian company avoid sanctions over the country's malicious cyber-related activities.