Germany’s cyber security agency is scrambling to uncover the identity of the culprit behind a huge breach of politicians’ personal data.
It emerged on Thursday night that a Twitter account had been posting sensitive information about hundreds of German politicians, journalists and celebrities.
The compromised information included messages, financial data and contact details relating to politicians in several parties, but not the far-right AfD.
Sign up to Emerging Threats, our weekly cyber security newsletter
Cyber security experts have proposed a number of scenarios for how the breach may have been carried out. Some claim an insider could have been responsible, while others believe the breach may have entailed a coordinated series of social engineering attacks.
Speaking to NS Tech, Professor Alan Woodward, a cyber security expert at Surrey University, noted that the German parliament had developed a cyber defence unit following similar incidents in the past. “If this was a hack of their system, it’s most likely a very elaborate social engineering attack,” he said.
Russia has been blamed for two previous attacks on German state computers. In 2016, it was accused by the German government of carrying out a cyber attack on parliamentary computers that took place in the previous year. Germany also blamed Russia for carrying out an attack on government computers last year.
“It’s worrying that it’s happening but not entirely surprising given what Russia has done in the past,” Woodward added. “This release is not for monetary gain so you have to look at the motive.”
Justice minister, Katarina Barley, described the attack as “serious” and said the “people behind [it] want to damage confidence in our democracy and institutions”, the BBC reported.