The German city-state of Hamburg has said it is working with Irish Data Protection Commissioner to stop the spread of German politicians' data via Twitter.

Private data stolen from hundreds of German politicians including Chancellor Angela Merkel has been published online, the German government has said, in a stunning breach of cyber security.

The information, which comprised home addresses, mobile phone numbers, letters, invoices and copies of identity documents, was first released via Twitter in December but its spread gathered pace this week.

The city's data protection agency said the Twitter account used to spread personal data has been deleted, but it has not received an answer from Twitter about its demand to delete a list of short links to other platforms where the data resides.

It said the scope of the published personal data was enormous, and the potential consequences for affected individuals could be significant.

Twitter's European headquarters are in Dublin, meaning the leak falls under the remit of the Irish data protection authority.

It was not immediately clear whether the officials were targeted by hackers or the victims of an internal leak of the data, some of which dates back to 2017.

"Personal data and documents belonging to hundreds of politicians and public figures were published on the internet," government spokeswoman Martina Fietz said.

"The government is taking this incident very seriously."

Many of those targeted were members of German parliament
Many of those targeted were members of the German parliament

Among those affected were members of the Bundestag lower house of parliament and the European Parliament as well as regional and local assemblies, she said.

Deputies from all parties represented in the Bundestag were targeted, as well as President Frank-Walter Steinmeier, an interior ministry spokesman said.

However Christian Lueth, parliamentary group speaker for the Alternative for Germany (AfD), later said that his party's deputies were not hit by the attack and the interior ministry later confirmed this.

Ms Fietz said a preliminary investigation indicated that "no sensitive information or data" from Ms Merkel's office had been leaked.

Berlin's political establishment nevertheless reacted with alarm.

"Whoever is behind this wants to damage faith in our democracy and its institutions," Justice Minister Katarina Barley said in a statement.

The far-left Linke's parliamentary group chief, Dietmar Bartsch, called it "an attack on democracy".

Beyond politicians, the leak also exposed the private data of celebrities and journalists, including chats and voicemail messages from spouses and children of those targeted.

The daily Bild and public broadcaster RBB first reported the leak.

Bild said it was not clear when the data theft began but said it continued until the end of October.

"At first glance, it does not seem that politically sensitive material was included," RBB said.

"However the damage is likely to be massive given the volume of personal data published."

The interior ministry spokesman said it was unclear who was behind the data dump, which derived both from social media and private "cloud" data.

A deputy from Ms Merkel's Christian Democratic Union party, Patrick Sensburg, pointed the finger at right-wing extremists.

"I assume this was a hacker attack by people close to the AfD," he told the daily Handelsblatt.

Ms Fietz said the amount of Ms Merkel's data that was exposed was "not excessive" but warned that some of the documents and information published might have been faked.

Given the vast range of data hoovered up, IT experts said it seemed unlikely that it was taken from a single source.

Parliamentary group leaders were notified of the attack late on Thursday and the Federal Office for Information Security (BSI) and the domestic intelligence service said they were investigating.

"According to our current information, government networks have not been targeted," BSI tweeted.

The Twitter account @_0rbit published the links every day last month, along the lines of an advent calendar with each link to new information hidden behind a "door".

The account, which calls itself G0d, was opened in mid-2017 and purportedly has more than 18,000 followers.

It described its activities as "security researching", "artist" and "satire and irony" and said it was based in Hamburg.

A link to Ms Merkel's data showed two email addresses used by the chancellor, a fax number and letters apparently written by her and to her.

By midday today, Twitter had suspended the account.

#Germany #DataBreach #GDPR #News #CyberSecurity #Hackers #BSI #Twitter #DPC #Ireland #DPO

via RTE