German authorities on Tuesday said a 20-year-old hacker had confessed to stealing and leaking private data from hundreds of politicians, including Chancellor Angela Merkel, because he was “annoyed” by some of their public statements.
The young German, who is still studying and lives with his parents, was detained after police searched the family home in the western state of Hesse on Sunday.
The suspect was not remanded in custody however because he is fully cooperating and not deemed a flight risk, said Georg Ungefuk, a spokesman for the Frankfurt prosecution service’s internet crime office ZIT.
“The accused said he published the data because he had been annoyed by certain statements made by those affected,” Ungefuk told a press conference in Wiesbaden.
The suspect, who because of his age falls under juvenile law in Germany, told police he acted alone.
He stands accused of spying and illegally publishing personal data.
Ungefuk said the accused had made a “comprehensive” confession and shown “clear remorse” about the stunning cyber security breach which hit around 1,000 politicians, journalists and celebrities and piled political pressure on the government.
– AfD not targeted –
The information leaked online comprised home addresses, mobile phone numbers, letters, invoices and copies of identity documents. The data was first released via Twitter in December but its spread gathered pace last week.
Among those affected were members of the Bundestag lower house of parliament and the European Parliament as well as regional and local assemblies.
Deputies from all parties in the Bundestag were targeted with the exception of the far-right Alternative for Germany (AfD), the largest opposition group.
The head of cyber security at Germany’s Federal Police Office (BKA), Heiko Loehr, told reporters it was too soon to say if the suspect was acting out of far-right sympathies.
“We are still investigating his motives and whether they may have been criminal or politically motivated,” he told reporters, adding that police were also working to confirm whether the suspect did indeed work alone.
Investigators have seized computers and hard drives from the scene that were now being combed over by experts, Ungefuk added.
– ‘Aware of risks’ –
Although the leak was sweeping, there is no evidence that sensitive information reached the public.
In the vast majority of cases, only basic contact information was made available.
The leak has nevertheless been deeply embarrassing for the political class, exposing a naive and sometimes reckless use of computer networks, and turned up the heat on unpopular interior minister Horst Seehofer.
At a Berlin press conference, Seehofer praised the authorities’ “very efficient” handling of the case despite criticism that relevant bodies were slow to respond to the leak.
He also announced measures to boost cyber defences, some of which were already in the works before the hacking incident.
Staffing at Germany’s BSI cyber security body would be beefed up, Seehofer said.
And his ministry would introduce legislation on IT security in the first half of 2019, which would include an early warning system for data leaks and cyber safety certificates on IT products.
But he warned that internet users also had “a responsibility” to be aware of the risks and take steps to protect their data online.
– ‘Attack on democracy’ –
The information revealed in the leak, which in a few cases included chats and voicemail messages from spouses and children of those targeted, derived from both social media and private “cloud” data.
The Twitter account @_0rbit published the links last month, along the lines of an advent calendar with each link to new information hidden behind a “door”.
The account, which calls itself G0d, has been suspended by Twitter.
It described its activities as “security researching”, “artist” and “satire and irony” and said it was based in Hamburg.
Justice Minister Katarina Barley, who last week had labelled the data dump an attack on “our democracy and its institutions”, called on internet service providers and social networks “to shut down accounts as soon as they have been hacked”.
German politicians and lawmakers have repeatedly fallen victim to cyberattacks in recent years.
In 2015, the Bundestag network was hit by a malware attack later blamed on Russian hackers.
In March last year, computer networks belonging to the German government came under sustained attack and data from foreign ministry staff was stolen.
At the time, Moscow denied that Russian hackers were involved.