The personal information of German Chancellor Angela Merkel, as well as those of hundreds of other politicians have been released publicly. Notably, there is the presence of credit card details and mobile phone numbers among the leaked data. It didn’t end at politicians since journalists and celebrities were among those hacked. After being published on Twitter, the account associated with the hacks has since been removed and the validity of the exposed information is questioned.
The German federal office for information security (BSI) caught wind of the leak and has launched investigations. Without divulging much details, a spokesperson of BSI spokesman mentioned that the national cyber defence body met in response to the hack. Martina Fietz, a spokeswoman for the government said:
“Personal data and documents belonging to hundreds of politicians and public figures were published on the internet. The government is taking this incident very seriously.”
From what the investigators have gathered so far, they believe that government networks have been untouched. Martina Fietz also revealed that despite the massive amount of released data, nothing politically sensitive from Merkel’s office was leaked.
As first seen in a report from RBB, the items posted involved politicians from all German political parties with the exception of the Alternative for Germany (AfD). Even though it was clear that nothing sensitive in the political nature was published, the non-political which have been exposed to the public’s eyes constitute a major privacy threat to the members of parliament.
Reporters say a Twitter account revealed links of the compromised data in an advent calendar-like style, sometime before Christmas. The aforementioned “compromised data” varied as per the MP in question and included party members lists, forms, personal correspondences, ID card copies, credit card details as well as phone numbers.
Not much is known about those who perpetrated the attack. The Twitter account in charge of sharing the links leading to a website containing the hacked information went by the username @_0rbit, was opened sometime in 2017 and had about 18000 followers. The website which housed the stolen data appears to have be owned by a hamburg-based person. More investigations are underway.