On Thursday, authorities in Germany were made aware of an enormous leak of personal information belonging to artists, media figures, and politicians—including Chancellor Angela Merkel. The hack is being called the “biggest data dump” in German history and appears to contain a treasure trove of information that could be used for identity theft.
Early reports and tweets identified the source of the leak as a now-suspended Twitter account with the handle “@_0rbit” and username “G0d.” According to multiple reports, the account began posting the data in December, Advent-calender-style. The astounding collection of stolen information reportedly includes email addresses, documents, private correspondence, credit card information, passwords, family information, and even photocopies of personal ID cards. The victims included the members of virtually every political party in German Parliament, TV journalists, musicians, and YouTube stars.
While the Twitter account and an associated Blogspot have been removed, the information was still relatively easy to track down. One security researcher on Twitter noted that this dump was incredibly labor intensive with hundreds of mirror links ensuring the information would be difficult to take down. At least one link that Gizmodo viewed on Imgur disappeared a few minutes later.
Most of the documents are in German, and it’s unclear how much of it is authentic. MP Florian Post told German outlet Tagesschau that at least one of the documents attributed to him in the dump doesn’t belong to him but confirmed that much of it was genuine. According to the Guardian, a government spokesperson told the media that “no sensitive information” from Chancellor Merkel was published but that just identifying her private email addresses and fax number—both of which were included in the dump—could give an enterprising hacker the information they need to target the German leader. And just to reiterate, this data has been sitting out there since December. Just because authorities and the press didn’t notice doesn’t mean malicious actors didn’t.
It’s unclear what the leaker’s motivation is or how they came across all of this data. According to Bloomberg, German Justice Minister Katarina Barley said, “The perpetrators want to erode trust in our democracy and in our institutions.” That line echoes the talking point usually trotted out when the Russian government is blamed for a political hack. The idea being that a political actor is attempting to sow discord with damaging or embarrassing information about one party or another. So far, no one has reported finding anything notably scandalous. At the moment, the leak appears to be a purely malicious act without public value.
German authorities have not confirmed that this was a hack, and the Ministry of Interior told reporters the method of collecting the data “can not be determined with certainty.” According to journalist Julian Röpcke, German intelligence admitted that it was unaware of the leak until last night.
When asked to confirm that the offending account and all associated accounts have been removed, a Twitter spokesperson told Gizmodo:
We acted on the issue as soon as it was brought to our attention. Posting a person’s private information without their express permission is a direct violation of the Twitter Rules. We also recently updated our Rules to prohibit the distribution of any hacked material that contains private information, trade secrets, or could put people in harm’s way.
One good thing that could come out of this mess is, politicians have begun to call for stronger data protection and security measures in Germany. Britta Haßelmann, the parliamentary executive director of the Greens, released a statement asking for proactive measures that include “a renunciation of state-run security with vulnerabilities, end-to-end encryption and the strengthening of independent supervisory structures.”
We expect more news to come as journalists and researchers comb through all of the data.