Julian Röpcke
+ Your AuthorsArchive @JulianRoepcke Journalist. Conflict analyst. Verantwortlicher Redakteur im Ressort Politik @BILD. Nur meine Meinung! „Twitter-Feldherr des Tages“ - jW. RTs & Likes ... #hahohe Jan. 04, 2019 1 min read

Germany faces the biggest hacker attack in its history.
Private data of almost 1000 German #Bundestag, #Regional Parliament & #EU delegates was leaked.
I worked through the leaked data all night. It's shocking!
Not affected so far: #AfD.

The scale of the attack is unprecedented
Mobile phone numbers, addresses, private family conversations, vacation pictures, bills, communications between politicians, work emails etc. were leaked
In most cases, Outlook was hacked, in some cases also Facebook, Twitter etc.

The leaked data, which was illegally collected until October 2018 and released December 2018, but just found now, is still publicly available.
I searched through it 5 hours last night, read maybe 3%of it and already found cases of corruption and bad political scandals.

It will be thus very hard for journalists to determine what they do with the data now.
We must act responsibly, but we must also not forget that if we do not report accurately on the info in the leaked data, others – right-wing extremists – will do it.
Unique situation.

Also hacked were around 40 German public TV journalists and 10 artists, most of them known for their left-leaning political stance.
Also from the artists, comedians, moderators etc partially very private data was leaked, in some cases nonetheless only mobile number.

You didn’t see me using the word “Russia” so far as there is no evidence for its involvement so far.
But what I can say is that hackers needed months if not years to collect, inspect, categorize and describe the leaked data, pointing at a group of high professionalism.

The fact that the #AfD is not affected by the hacking scandal so far does not mean it is behind it.
My personal evaluation is rather that someone wanted to create exactly this discrepancy and increase political tensions among German Bundestag parties resp. left & right.

The Twitter channel of the hackers - active since 2015 and posting the #BTleaks hacks all over December 2018 - has finally been suspended.

Government presser: German intelligence had NO IDEA of the #BTleaks until last night!
Also the chancellory was informed last night.
A Supergau.
Hacks were ongoing for months or years.

We can now say that some of the data collection of former or current German MPs reach back to 2009.
We can also say that the hackers removed single data sets after they collected and screened them.
This raises the possibility of more, compromising, data being out there.

First German MPs receive Twitter messages, asking them to admit their real sexual preferences.
The hackers obtained pornographic material of them ...

"We will not use such sensitive data in any way, not now and not in the future."

@BILD's editor-in-chief @jreichelt released a statement, explaining how we as Germany's largest newspaper will deal with the hacked and leaked private information.

Exclusive numbers of affected German politicians by the #BTleaks:
398 MPs
90 fmr. MPs
355 local MPs
44 fmr. local MPs
11 MEPs
8 fmr. MEPs
Much more detailed infos tomorrow before noon @BILD.

I was interviewed by the @BBCNewshour this evening, trying to make sense of the #BTleaks.
The 5 minute interview starts at 34:20.

Day 2 of the #BTleaks and first accusation of dysfunctionality within the German cyber security structures arise.
The "Federal Office for Information Security" BSI was in contact with some hacked MPs since early December.
However, Germany's "Federal Police Agency" BKA

,Germany's Parliamentary Control Council, intel services and the public were not informed.
Before the BSI chief admitted the MP contacts yesterday evening, his spokesperson claimed at the govt. press conference that the BSI just learned about the #BTleaks on Thursday evening.

My colleagues counted and categorized the victims.

We (with the help of 2 GER hackers) possibly found one of the hackers, responsible for the #BTleaks.
He shared the hacked & leaked information weeks to months before GER authorities & the public found out about the hack.
And it's still out there!

The suspected hacker seems to be a right-wing extremist from what he posted under pseudonyms in different forums.
He endorsed the NPD as well as the NSDAP and complained that the AfD "will not get away the clans" (with what he referred to all other parties in the Bundestag).

He also replied "achtundachtzig" to a thread called "nice German words".
"Achtundachtzig" means 88 which stands for HH - "Heil Hitler".

Disclaimer: All information according to our open source research only & must be verified by the authorities.
Because we did not hack anyone!

One Twitter account which we attributed to one of the #BTleaks hackers is still online!
It contains a link, leading to hacked data like an email list of the German Federal Crime Agency BKA & Skype contacts of YouTubers.
#UPDATE: It was suspended 2 hours after our story went live.

You can follow @JulianRoepcke.


Tip: mention @threader_app on a Twitter thread with the keyword “compile” to get a link to it.

Threader is an independent, ad-free project created by two developers. Our iOS Twitter client was featured as an App of the Day by Apple. Sign up today to compile, bookmark and archive your favorite threads.

Follow Threader