Cybersecurity authority defends handling of mass data hack

Germany’s cybersecurity authority defends handling of mass data hack
| Agency “not aware of full extent of data leak”.

Germany’s cybersecurity authority has defended its handling of a massive data breach, after failing to inform police for several weeks. The agency says it was unaware of the extent of systematics leaks affecting hundreds of politicians, until last Thursday evening.

Celebrities, journalists and politicians, including Chancellor Angela Merkel, are among those whose personal information was published online. It is still unclear who was responsible for the data breach.

The attacks occurred throughout December, but did not become public knowledge until Friday.

Contacts, private chats and financial data from all political parties – except the far-right AfD – were posted on Twitter.

Germany’s interior ministry said there was no evidence that parliamentary or government systems had been compromised. So far, it is not known if the attack was the result of hacking, or whether someone with access rights had leaked the data.

Who knew about the mass data hack?

The Federal Office for Information Security (BSI) was heavily criticised after it emerged they knew about the leak since December.

President of the BSI, Arne Schoenbohm, told broadcaster Phoenix that his team “had already held corresponding talks very early in December with certain members of parliament who were affected”, and launched a “mobile incident response team”.

However, on Saturday, the BSI said in a statement it had only known about five isolated cases for weeks, and could not ‘connect the dots’ until Thursday.

Earlier, lawmaker André Han said:

It makes me unbelievably cross that yet again I’ve found out about such things from the media – even though I’m a member of the parliamentary monitoring group… the federal government’s duty to keep parliament informed still applies between Christmas and the new year.

Who was affected by the data breach?

National and local political figures, and a number TV personalities had their details stolen as a result of the data breach:

  • Chancellor Angela Merkel: her email address and several letters to and from the chancellor appear to have been published

  • The main parliamentary groups including the ruling centre-right and centre-left parties, as well as The Greens, left-wing Die Linke and FDP. Only AfD appears to have escaped

  • Greens leader Robert Habeck, who had private chats with family members and credit card details posted online

  • Journalists from public broadcasters ARD and ZDF as well as TV satirists Jan Böhmermann and Christian Ehring, rapper Marteria and rap group K.I.Z, reports say

The full extent of damage caused by the leak is not yet known although Justice Minister Katarina Barley described the incident as a “serious attack”. She said:

The people behind this [mass data hack] want to damage confidence in our democracy and institutions.

It is unclear who was behind the cyber attack, although the main suspects include right-wing groups in Germany, as well as Russia.

Souces and credits: BBC News

More news stories on mass data hacks

Leave a Reply