Lone Student Admits to Carrying Out Germany's Biggest Data Dump

(Bloomberg) -- A 20-year-old German man from the state of Hesse has confessed to publishing a huge trove of private data linked to Chancellor Angela Merkel and hundreds of other public figures.

The man, who police did not identify by name, was arrested after his home was raided on Sunday and released the following day after admitting to publishing the data via Twitter, the BKA Federal Criminal Police Office said in a statement. The suspect, who said he acted on his own, is a student who lives with his parents and has no previous convictions.

“The accused said the motivation for his actions was irritation at public statements by the affected politicians, journalists and public figures,” the BKA said. He also gave investigators assistance in uncovering crimes committed by others, which helped him avoid pretrial detention, officials said.

The man’s confession came just days after the biggest dump of hacked data in Germany became public. Before media outlets reported on the hack late last week, authorities failed to react to the leaked data, which had trickled out over weeks. The information -- including email addresses, mobile phone numbers and chat transcripts -- were leaked via a Twitter account called “G0d” that described itself using the words “security researching,” “artist” and “satire & irony.”

Germany is still removing the data from the Internet, but there are no signs that any information was released that would increase security risks, Interior Minister Horst Seehofer said at a press conference in Berlin.

The government was already planning to create an early warning system for data leaks, including blocking Twitter accounts releasing private information. Legislation will be ready in the first half of 2019, Seehofer said.

Germany has seen a range of intrusions in recent years. Hackers tried to infiltrate computers of think tanks associated with the governing CDU and SPD parties in 2017. A year earlier, scammers set up a fake server in Latvia to flood German lawmakers with phishing emails.

Chat Transcripts

In 2015, attackers breached the network of the Bundestag parliament and stole 16 gigabytes of data. Security firm Trend Micro Inc. has linked the Bundestag attack and others to Pawn Storm, a group with ties to Russia -- whose government has repeatedly denied hacking foreign powers.

There was never any information leaked from the Bundestag breach in which hackers roamed the network for more than a week before they were detected. The Bundestag’s entire IT system had to be taken down for several days to fix the problem.

The German government has since bolstered its technology protections, setting up a cyber-defense unit in 2017 staffed by thousands of soldiers and IT experts to protect military networks and key infrastructure, such as power plants and hospitals.

The data also includes what appears to be chat transcripts from Economy Minister Peter Altmaier as well as more mundane material such as rental-car contracts. The attack affected all major German political parties, with the exception of the populist Alternative for Germany.

©2019 Bloomberg L.P.