Hackers have released personal data linked to Chancellor Angela Merkel and hundreds of other politicians in Germany in the biggest data dump of its kind in the country.
The information includes email addresses, mobile phone numbers, photos of IDs and personal chat transcripts, according to an initial review on Friday. It was leaked over the past weeks via a Twitter account called “G0d” that identifies itself as based in Hamburg and describes itself using the words “security researching,” “artist” and “satire & irony.”
It looks like the hackers got the passwords to Facebook accounts and Twitter profiles and worked their way up from there, collecting additional data in the process, said Simon Hegelich, a political scientist at Munich’s Technical University who has studied the manipulation of social networks.
“It’s a very elaborately done social engineering attack,” he said Friday by phone. “It’s a lot of data that’s been dumped.” Bundestag Hack Germany has seen a range of intrusions in recent years.
Hackers tried to infiltrate computers of think tanks associated with the governing CDU and SPD parties in 2017. A year earlier, scammers set up a fake server in Latvia to flood German lawmakers with phishing emails.
In 2015, unidentified criminals breached the network of the Bundestag parliament, stealing 16 gigabytes of data. Security firm Trend Micro Inc. has linked the Bundestag attack and others to Pawn Storm, a group with ties to Russia — whose government has repeatedly denied it’s hacking foreign powers.
There was never any information leaked from the Bundestag hack despite its severity: Attackers roamed the network for more than a week before they were detected. The Bundestag’s entire IT system had to be taken down for several days to fix the problem. The German government has since bolstered its technology protections, setting up a cyber-defense unit in 2017 staffed by thousands of soldiers and IT experts to protect military networks and key infrastructure such as power plants and hospitals.
Germany’s Federal Office for Information Security, known as BSI, is heading the investigation into the data dump at its cyber defense center. So far the agency has no information that government networks have been affected, the BSI said on Twitter. Germany’s domestic intelligence agency BfV is reviewing the data and can’t yet comment because of the volume of the volume, a spokeswoman said.
“The perpetrators want to erode trust in our democracy and in our institutions,” German Justice Minister Katarina Barley said, according to news agency DPA. “Criminals and their backers must not be allowed to dictate debate in our nation.”
It’s unclear at this point whether the data release is linked to the 2015 Bundestag hack, and how significant it is. It includes two email addresses and a fax number the perpetrators link to Merkel, and a letter by SPD lawmakers sent to the chancellor in 2016 that criticizes her handling of the refugee crisis. There’s also what appears to be chat transcripts from Economy Minister Peter Altmaier. More mundane material includes rental-car contracts and letters, some of them several years old.
The attack appears to have affected all major German political parties with the exception of the populist Alternative for Germany. The Merkel’s CDU/CSU party caucus declined to immediately comment.
The leaks were coordinated by four Twitter accounts that appear to be linked to the political right, Hegelich said. For now, there’s no evidence pointing to Russia or the Bundestag hack from 2015, he said.
“This hack is different from breaching the Bundestag networks — which required a much higher level of sophistication,” Hegelich said. “But they’re no kids either. It’s people that know about IT security.”