Four days into 2019 and Germany saw a massive data breach where personal data and documents of several eminent public personalities including the Chancellor Angela Merkel were published online. The event has been touted to be one of the most far-reaching data breaches the country has ever witnessed. The data that was published on a Twitter account called @_0rbit, included addresses, personal letters and copies of identity cards. The account has now been deleted.
The early investigation into the matter revealed that the attack “wrongful use of log-in information for cloud services, email accounts or social networks,” Interior Minister Horst Seehofer said in a statement.
According to him, the computer systems in the German parliament have not been compromised, even though he did not provide any other details about the breach. “”One bit of positive news is that government networks are apparently not affected by this or these hacker attacks. But it’s clear that we as the federal government … must do more to improve cyber security,” he said.
The motive behind the attack is still unclear. The investigating agencies are looking into all possibilities including leaks and espionage. A government source told Reuters that the it was unlikely that a single person has been responsible for the massive breach.
In connection with the incident, a 20-year-old man was arrested from his apartment in Hesse. According to reports, the suspect has confessed and has been in detention since Sunday. However, the police has not confirmed the confession and have scheduled a press conference.
The police also searched the apartment of Jan Schuerlein, a 19-year-old techie from Heilbronn. He took to Twitter to reveal that he was being treated as a witness in the investigation.
The incident has called for improved online security for German citizens. “”Such an attack must be used as a reason to very carefully examine if everything has been done to achieve the best possible security of data,”Germany’s digital coordinator, Dorothea Baer told the Handelsblatt newspaper. “It is legitimate to examine whether software manufacturers and platforms must be required to do more to ensure data security,” she told.