German politicians suffer massive hack of personal details and private communications

Who might be behind this I wonder?

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

German politicians suffer massive hack of personal details and private communications

Bild has broken news today of a serious hack that is impacting public figures in Germany.

The private communications, emails, contact details, mobile phone numbers, memos, and financial information of hundreds of politicians was leaked via Twitter account in the run-up to Christmas, seemingly un-noticed until now.

Victims of the hack reportedly include Chancellor Angela Merkel and president Frank-Walter Steinmeier.

Sign up to our free newsletter.
Security news, advice, and tips.

Twitter account sharing hacked information

All German political parties apart from the far right group Alternative for Germany (AfD) have been impacted.

The breadth of the hack – involving not just political parties, but also journalists, comedians, and artists – suggests that this has been a co-ordinated effort by a determined group over many many months, amassing as much personal and sensitive data as possible and releasing it with an as yet unknown end goal.

How did the hackers steal the sensitive information?

I have no way of knowing for sure, but my best guess would be something like the following:

  • Phishing attacks stole passwords from victims.
  • Those passwords were then used to access victims’ other online accounts – including perhaps, email, chat and social media accounts. This was made easier by victims making the all-too-common mistake of reusing passwords and not having two-factor authentication (2FA) enabled.
  • Once logged into the accounts, attackers could read and collate sensitive data and private communications.

You can reduce the chances of something similar happening to you by using unique passwords for every account, enabling 2FA everywhere possible, and wiping toxic data that you no longer need to store in case it later falls into the wrong hands.

This hack clearly isn’t about extortion or financially-motivated. This is about attempting to destabilise Germany society.

And that destabilisation can take various forms. For instance, it’s perfectly possible that not all the data that has been leaked is accurate. Some of it may have been manufactured and counterfeited by the perpetrators to cause even more confusion and dissent. Journalists reporting on the documents need to take care and act responsibly not to unwittingly assist the hackers in their agenda.

Inevitably, many eyes will be looking to Russia as the possible criminal masterminds behind this attack. We’ll have to wait and see if any firm evidence of Russian involvement comes to light, but if you wanted to place a bet on it I wouldn’t blame you.

And remember this. If an attack like this can be done successfully against such a wide range of figures in the public eye in Germany, it can be done against any country. It takes a lot of effort, but if you’re a country with the right inventive and resources, you can get it done.

Twitter has now suspended the account that was sharing links to the hacked material (although archives of those tweets are still available online if you know where to look.)


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.