Hundreds of politicians from Germany, including Chancellor Angela Merkel, have seen their personal information leaked online
Twitter has exposed contacts, private chats and financial information belonging to members of all political parties in Germany, with the exception of AFD, an extreme right-wing political organization, according to experts in cybersecurity and digital forensics from the International Institute of Cyber Security. According to the reports, personal information of celebrities and journalists has also been leaked.
The identity of the author or perpetrators of the attack is still unknown. Via Twitter, the perpetrators shared files were they published the compromised information for a whole month.
German Interior Minister Horst Seehofer mentioned that the authorities were working to find the origin of the attack. The minister also pointed out that there is no evidence that Germany’s governmental or parliamentary systems have been compromised.
Cybersecurity experts say that, apparently, information leaking originated in a Twitter account operated from the German city of Hamburg; Germany’s law enforcement agencies are working with Ireland’s data protection commissioner to stop the Internet circulation of this sensitive information. Because the main offices of Twitter Europe are in Dublin, this incident is under the jurisdiction of the Irish regulatory authorities, the experts mentioned.
The German government claims to be unaware of the true scope of this cyberattack, although Katarina Barley, the Minister of Justice, has declared that it is a “serious attack.” “The people behind this incident are trying to harm the trust in our democracy and institutions,” he mentioned. Martina Fietz, a government spokesperson, said that no confidential data were published from the Chancellery. Instead, deputies, MEPs and local Congress legislators have been affected.
Although there is no evidence that highly sensitive or confidential information has been leaked, the German Government considers that the consequences could be considerable due to the large volume of leaked information.
The Twitter account where the leaked information was posted identified by the German government as @ _ 0rbit, was followed by more than 17k people. According to specialists in cybersecurity, the account has already been suspended from the Twitter platform. The leaked information began to be published between December 1st and 28, although the government learned of the incident until last Thursday.
The Minister of the Interior mentioned that, according to the first analyses, data were obtained through the misuse of login information for cloud services, email accounts or social networking platforms.
The German government supports the hypothesis that right-wing groups in Germany or Russia might be behind these attacks. Sven Herpig, a consultant on cybersecurity, believes that Russians are the main suspects because of the method used to deploy the attack, and because Germany will hold state and European Parliament elections this year.