A number of German politicians have been the target of a massive data leak, one that contains extensive amounts of information. The data in question includes email addresses, private correspondence, passwords, phone numbers, work emails and photos, among other information, and those affected reportedly include journalists and celebrities as well as politicians. According to multiple reports, the data was leaked from the Twitter account @_0rbit — which has since been suspended — and the account began sharing the stolen information in December.
The scale of the attack is unprecedented
Mobile phone numbers, addresses, private family conversations, vacation pictures, bills, communications between politicians, work emails etc. were leaked
In most cases, Outlook was hacked, in some cases also Facebook, Twitter etc.#BTleaks
— Julian Röpcke (@JulianRoepcke) January 4, 2019
While some communications belonging to German President Angela Merkel were found among the documents, a government spokesperson told The Guardian that no sensitive information linked to Merkel had been leaked. So far, it’s unclear who was behind the incident. Victims appear to include politicians belonging to every major German party except for the far-right Alternative for Germany party.
Security researchers have noted that the information included in the leak was not only large-scale and detailed, but also extensively spread out across a number of sites and mirror links. “Way too much effort went into ensuring that this data would be really hard to take down,” tweeted one researcher.
This data leak has so much data squirrelled away to avoid take downs. It must have required many man hours of uploading.
– 70 mirrors of the download links
– 40 d/l links, each with 3-5 mirrors
– 161 mirrors of data files
Plus the tweets, blog posts, mirrors of mirror links.
— the grugq (@thegrugq) January 4, 2019
It’s also unknown just how those behind the leak obtained the information, but Germany’s Federal Office for Information Security released a statement saying there’s no evidence yet of a successful cyberattack on government networks. “After an initial analysis much evidence points towards the data being obtained through the improper use of login details to cloud services, email accounts or social networks,” the interior minister, Horst Seehofer, said in a statement, according to The Guardian. “Currently nothing points towards the system of the parliament or government having been compromised.”
A Twitter spokesperson told Gizmodo that the company took action against the @_0rbit account after it was brought to Twitter’s attention. “Posting a person’s private information without their express permission is a direct violation of the Twitter rules,” they said. “We also recently updated our rules to prohibit the distribution of any hacked material that contains private information, trade secrets or could put people in harm’s way.”