German politicians hit by hackers in large-scale data dump
The ‘elaborately done social-engineering attack’ happened via Twitter over the past two weeks
Berlin/Seeon — Hackers have released personal data linked to hundreds of politicians in Germany in the biggest data dump of its kind in the country.
However, a government spokesperson said on Friday that no sensitive information from Chancellor Angela Merkel’s office was among the data published online.
"With regard to the chancellery, it seems that, judging by the initial review, no sensitive information and data have been published and this includes [from] the chancellor,” the spokesperson told a regular government news conference. The information includes e-mail addresses, cellphone numbers, photos of IDs and personal chat transcripts, according to an initial review on Friday.
The data was leaked over the past weeks via a Twitter account called “G0d” that identifies itself as based in Hamburg and describes itself using the words “security researching”, “artist” and “satire & irony”.
It looks like the hackers got the passwords to Facebook accounts and Twitter profiles and worked their way up from there, collecting additional data in the process, said Simon Hegelich, a political scientist at Munich’s Technical University who has studied the manipulation of social networks.
“It’s a very elaborately done social-engineering attack,” he said on Friday by phone. “A lot of data has been dumped.”
Germany has seen a range of intrusions in recent years. Hackers tried to infiltrate computers of think-tanks associated with the governing CDU and SPD parties in 2017. A year earlier, scammers set up a fake server in Latvia to flood German lawmakers with phishing e-mails.
In 2015, unidentified criminals breached the network of the Bundestag parliament, stealing 16GB of data. Security firm Trend Micro has linked the Bundestag attack and others to Pawn Storm, a group with ties to Russia — whose government has repeatedly denied it’s hacking foreign powers.
There was no information leaked from the Bundestag hack despite its severity: attackers roamed the network for more than a week before they were detected. The Bundestag’s entire IT system had to be taken down for several days to fix the problem. The German government has since bolstered its technology protections, setting up a cyber-defence unit in 2017, staffed by thousands of soldiers and IT experts to protect military networks and key infrastructure, such as power plants and hospitals.
Germany’s Federal Office for Information Security, known as BSI, is heading the investigation into the data dump at its cyber-defence centre. So far the agency has no information that government networks have been affected, the BSI said on Twitter. Germany’s domestic intelligence agency BfV is reviewing the data and can’t yet comment because of the volume of the work involved, a spokesperson said.
“The perpetrators want to erode trust in our democracy and in our institutions,” German justice minister Katarina Barley said, according to news agency DPA. “Criminals and their backers must not be allowed to dictate debate in our nation.”
It’s unclear at this point whether the data release is linked to the 2015 Bundestag hack, or how significant it is. It includes two e-mail addresses and a fax number the perpetrators link to Merkel, and a letter by SPD lawmakers sent to the chancellor in 2016 that criticises her handling of the refugee crisis. There’s also what appears to be chat transcripts from economy minister Peter Altmaier. More mundane material includes rental-car contracts and letters, some of them several years old.
The attack appears to have affected all major German political parties with the exception of the populist Alternative for Germany. The Merkel’s CDU/CSU party caucus declined to immediately comment.
The leaks were co-ordinated by four Twitter accounts that appear to be linked to the political right, Hegelich said. For now, there’s no evidence pointing to Russia or the Bundestag hack from 2015, he said. “This hack is different from breaching the Bundestag networks — which required a much higher level of sophistication. But they’re no kids either. It’s people that know about IT security.”