German prosecutors said Tuesday they had brought charges against a 22-year-old hacker who released personal data of dozens of politicians, journalists and other public figures online, embarrassing national authorities.
The German man — arrested in January last year — is accused of multiple computer crimes, as well as making false reports to the police and attempted blackmail.
Police at the time of his arrest said he had confessed to stealing and leaking online private data — so-called “doxxing” — from hundreds of politicians and public figures, among them Chancellor Angela Merkel.
The accused said his motive was being “annoyed” at some of their public statements.
The 2018 case prompted German authorities to promise beefed-up IT security, coming just three years after the federal parliament’s computer network was crippled by a hacking attack since pinned on the Russian state by Berlin’s intelligence services.
Tuesday’s charges cover 73 cases where the accused acquired “personal data, especially telephone numbers, addresses, credit card data, photos and communications” belonging to his targets.
Investigators said he used email providers’ password reset facilities to gain access to the people’s accounts, as well as trawling a “hacker website” shut down by American authorities in January 2020 for login details already acquired by third parties.
When arrested, officials said the suspect had made a “comprehensive” confession and shown “clear remorse” for his hacking attacks on around 1,000 people.
Between December 1 and December 24, 2018, he released a drip-feed of personal data on his Twitter account with the display name “G0d” in a so-called “advent calendar”.
He repeated the data drop the following month using the Twitter account of a YouTube personality to which he had acquired access.
Further charges include a blackmail attempt against six German MPs, in which the hacker demanded Bitcoin payments worth around 900 euros ($1,000) in exchange for withholding their personal data.
He is also accused of making three false reports to the police of imminent bomb attacks or mass shootings between June 2016 and December 2018, as well as triggering two investigations against other people with false crime reports in the same period.
