WASHINGTON (CIRCA) — Hundreds of German politicians and public figures had their personal data dumped online Thursday night in what is being called the biggest hack in the country's history.
Personal cellphone numbers, credit card information, private messages and internal party documents were included in the dump posted by a currently suspended Twitter account reportedly operated out of Hamburg. Most of Germany's major political parties were targeted in the hack, though some reports noted that the far-right Alternative for Deutschland (AfD) political party appeared to have been spared.
"As far as the political sector is concerned, in a first analysis, politicians and elected representatives of all levels are concerned, whether of the European Parliament, the Bundestag, the regional parliaments or local elected representatives," said Martina Fietz, Germany's deputy government spokeswoman, in a statement Thursday.
German Chancellor Angela Merkel was the highest-profile figure involved in the breach, as was her ruling coalition. But no sensitive data from Merkel's chancellery office was dumped, according to the BBC.
#BREAKING— Julian Röpcke (@JulianRoepcke) January 4, 2019
Germany faces the biggest hacker attack in its history.
Private data of almost 1000 German #Bundestag, #Regional Parliament & #EU delegates was leaked.
I worked through the leaked data all night. It's shocking!
Not affected so far: #AfD.https://t.co/26uaIyeeCS#BTleaks
The breach appears to have been part of a series of information dumps from the same Twitter account dating to Dec. 1, published in an advent calendar format. Who is behind the account remains a mystery, though Germany's Cyber Defense Center is working on the issue.
"The authorities are working flat out to determine the extent and background of the incident, and to provide assistance to those affected," Fietz said.
The Cyber Defense Center is a cooperative effort between various German intelligence agencies, government agencies and the military. Established in 2011, it was created after a monthslong review of Germany's cyber-defense capabilities. The center is tasked with preventing hackers from disrupting government networks and critical infrastructure.
But even with the center in place, Germany has still fallen victim to cyber attacks. One of the most notable occurred in May 2015 when hackers briefly shutdown thousands of government computers. It was later discovered that a hacking collective known as Fancy Bear — aka Sofacy or APT28 in the cybersecurity industry — had penetrated government networks several weeks earlier. Fancy Bear is believed to have ties to the GRU, Russia's military intelligence agency, and is the same group believed to be responsible for hacking the Democratic National Committee in 2016.