Hundreds of German politicians, including Chancellor Angela Merkel, have fallen victim to a massive online leak of private data, the government said Friday.
“Personal data and documents belonging to hundreds of politicians and public figures were published on the internet,” government spokeswoman Martina Fietz told reporters.
“The government is taking this incident very seriously.”
She said the political officials included members of the Bundestag lower house of parliament, the European Parliament as well as regional and local assemblies.
Deputies from all parties represented in the Bundestag were affected, she added.
But Fietz said that a preliminary investigation indicated that “no sensitive information or data” from Merkel’s office had been leaked.
The stolen data, which comprised personal addresses, mobile phone numbers, letters, invoices and copies of identity documents, was published online via Twitter in December but inexplicably only came to light this week.
Beyond politicians, who also included President Frank-Walter Steinmeier, celebrities and journalists were also targeted.
The daily Bild and public broadcaster RBB first reported the leak.
Bild said the theft of the data continued until the end of October but it was not clear when it started.
“At first glance it does not seem that politically sensitive material was included,” RBB said.
– ‘Satire and irony’ –
“However the damage is likely to be massive given the volume of personal data published.”
Given the vast range of data hoovered up, RBB said it seemed unlikely that it was taken from a single source.
Parliamentary group leaders were notified of the attack late Thursday and the Federal Office for Information Security (BSI) and the domestic intelligence service said they were investigating.
“According to our current information, government networks have not been targeted,” BSI tweeted.
The Twitter account @_0rbit published the links daily in the style of an advent calendar, with each entry representing a “door”, behind which was a link to new information.
The account, calling itself G0d, was opened in mid-2017 and purportedly has more then 18,000 followers.
It described its activities as “security researching”, “artist” and “satire and irony” and said it was based in Hamburg.
The domestic intelligence service, the Office for the Protection of the Constitution, reported repeated cyberattacks last year against MPs, the military and several embassies allegedly carried out by Russian cyber espionage group “Snake”.
Also known as “Turla” or “Uruburos”, the group, which targets state departments and embassies worldwide, is believed to have links to Russian intelligence.
Last March, computer networks belonging to the German government came under sustained attack and data from foreign ministry staff were stolen.
The Russian government at the time denied that Russian hackers were involved.