Germany’s huge data leak was the work of a 20-year-old student living with his parents

"The accused stated that he had acted out of annoyance over public statements by the politicians, journalists and public figures."

by David Gilbert
Jan 8 2019, 9:00am

Getty Images

A 20-year-old hacker living in his parent’s house was the sole perpetrator of one of the largest data leaks in German history, authorities revealed Tuesday.

The hacker, who was arrested Sunday, published private information on almost 1,000 high-profile German public figures, including some 900 politicians.

Police said they raided his parent’s home in the central state of Hesse but the suspect destroyed his computer before they arrived. Officials said they were able to confiscate some computing devices from the raid.

Investigators revealed at a press conference in Berlin Tuesday that the hacker, who used the online pseudonyms Orbit and G0d, had “acted alone” and that no third party was involved.

Police have not named the suspect.

“He comprehensively acknowledged the allegations against him and provided information on his own offenses,” Germany’s federal police, the BKA, said in a statement.

READ: Hundreds of German lawmakers targeted in mass cyber attack

As to motivation, “the accused stated that he had acted out of annoyance over public statements by the politicians, journalists and public figures concerned,” Georg Ungefuk, spokesman for the Central Office for Combating Cybercrime at the Public Prosecutor's Office, told reporters.

The self-taught hacker published sensitive private information on hundreds of local, national and European politicians over the course of a month via his Twitter account, but the scale of the breach was not recognized until media organizations reported on it last week.

Investigators said the cyberattacks that collected data were sophisticated but did not go into details about how they were conducted for fear of imitation.

One fellow hacker who said he was in touch with the suspect revealed on Twitter that the police may have been able to identify him because he used an account on encrypted messaging app Telegram linked to his mobile phone.

Information from politicians from all political parties were published, except for members of the far-right Alternative for Germany (Alternative für Deutschland, or AfD) party. When asked why AfD members were not targeted, investigators said the hacker “did not have them on his screen.”

Journalists, musicians, comedians and activists were also targeted.

While details belonging to 1,000 public figures were posted online, the Ministry of the Interior said Monday that between 50 and 60 were considered serious cases where private information including photos, messages and emails were published. In the other cases, contact information such as email addresses and phone numbers were leaked.

Because of the scale of the operation and the time it took to collect, analyze and publish the information, many security experts suggested it was likely the work of a nation-state, with Russia the most likely perpetrator.

But investigators ruled out Moscow’s involvement.

The suspect has been released while the investigation continues.

Cover image: Photo by Jens Büttner/picture alliance via Getty Images.