German politicians, journalists hit by massive data breach
German politicians, journalists and other prominent personalities are assessing the damage of a large data breach which has seen the publication of gigabytes of private data.
The breach carried on until October but it is not known when it began.
The dataset has been available for download since before Christmas, with details having been shared repeatedly on a Twitter account, @_0rbit (which has now been suspended), in the form of an advent calendar, according to German broadcaster rbb. Despite being publicly available for weeks, the leak only came to light yesterday, rbb correspondent Michael Götschenberg reported.
It is not known why German intelligence did not notice the leak earlier.
According to a report (in German) in Bild magazine, the attack has affected most parliamentary groups apart from the far right Alternative for Germany (AfD) party. Affected parties were notified on Thursday.
Gigabytes of data have been dumped with no attempt to organise it, and details include emails, documents, contact lists for internal party members and even personal communications.
Other material included in the data dump includes copies of ID cards, letters, invoices, direct debit authorisations, chats with family members and personal credit card details.
Those affected include chancellor Angela Merkel and her entire cabinet, German president Frank-Walter Steinmeier and political comedians Jan Böhmermann and Christian Ehring.
Ehring was hit particularly hard with more than 3.4 gigabytes of data published including holiday photos.
Bild said that the Federal Office for the Protection of the Constitution (BfV) began an investigation yesterday and is liaising with foreign intelligence services in an effort to track down the attackers.
However, Germany’s national cyber-security authority, the Federal Office for Information Security (BSI), says the secure government network has not been compromised. Mitigation efforts are being led by the National Cyber Defense Center, the BSI said.
Mike Hart, vice president for central Europe at FireEye, said that the attack was alarming but not surprising. "We already saw what is possible last year when the Bundestag was successfully breached and we’ve also seen high profile politicians hacked in other countries such as President Macron in France and Matteo Salvini in Italy," he said.
Jake Moore, cyber security expert at ESET UK, said the attack was "far more targeted" than usual but should make the targeted politicians aware of the risks and consequences of a breach. "Luckily this stolen data is over a year old but assuming some credit cards are still active, I would suggest they take a few minutes to cancel the cards in question and add fraud protection before the hacking world takes advantage of this breach," he said.
Moore was not surprised that intelligence agencies had not seen the data earlier. "This comes down to how well the Twitter account was publicising it. It is likely that without traction from fellow account holders and strict phrase searching software, the German intelligence would not have heard about it for this length of time. There are billions of accounts and therefore it can sometimes be like searching for a needle in a haystack… and that’s if you know what the needle looks like," he said.
Matt Walmsley, EMEA director at Vectra, said the attack will make a big dent in "the German government’s credibility to secure itself".
"This is just the first of many high-profile breaches we’ll see this year and it serves a powerful reminder that well-resourced, motivated and persistent attackers almost always succeed," said Walmsley.
Kirill Kasavchenko, principal security technologist at NETSCOUT, said the attack will spur governments around the world to fight cyber-crime. "Regardless of the true motivations for this particular attack, all too often it’s still too easy for hackers to access and exploit sensitive information," he said.
Kasavchenko predicted, "That’s why 2019 will be the year western governments devise policy-driven initiatives that put the right security infrastructure in place, and provide government and law enforcement agencies with the means to combat criminal or nation-state cyberattacks."
Industry: Cyber Security News
- Sales New Business / Account Manager - Sales Security / Cloud / Managed Service
- upto 50,000 base plus OTE
*Actively looking to hire now. Consultative Sales person. New business and account management. Technology and Services (Cloud / Security / Managed Services) Flexible location- remote working- London based office for when the ‘new normal’ emerges. We are looking for a capable and self sufficient sales person that will also benefit from a team that will generate leads / appointment setting. Your role will be to generate new logo business opportunities and manage and expand traction into a number of existing accounts (that have spent.) Targeting the mid market to small enterprise. This award winning business, who deliver a broad range of transformational solutions, are looking to attract a high achiever. Uncapped commission and sensible scaled targets to attract the best. Top earners achieving in excess of £200k+ Experience in selling one or more of the following is essential; Managed Services, Datacentre, Cloud and Cyber Security. All details kept in confidence, apply today to find out more. Chris.Holt@dclsearch.com 07884666351
- New Business Hunter - Global Telecom Services
- up to €90,000 base plus €60,000 OTE (some flexibility)
New Business Hunter - Telecom Services Salary up to €90,000 base plus €60,000 OTE Location: Munich Reference RA7379 Our client a leading Global Telecoms Provider are looking for an ambitious New Business Hunter to be based in Germany, targeting Germany HQ enterprises business who are looking to expand or develop their presence in the Asian markets, you will be able to sell across their full portfolio of services, from Global Connectivity, Cloud, Security and SDWAN solutions As the New Business Hunter you will be responsible for the development of new Logo accounts, focusing on growing these from initial introduction through to established customer Responsibilities: • Maintaining and developing relationships with targeted companies • Identifying opportunities to grow revenue • Generating revenue growth within new Logo customers via telephone and face to face contact, web meetings and when necessary face to face visits Skills and experience: • Fluent German and English verbal and written skills are imperative • Experience in the Telecoms/networking industry is a must • Proven new business experience and able to show how you would target, approach and win a customer • Aptitude for achieving individual revenue and key performance targets. • Proven negotiations skills. Telecoms Jobs | Telecommunications Jobs | Telecommunications Jobs