20-year-old man arrested in connection with German cyber-attack

The man confessed to be responsible for leaking private information of hundreds of politicians and celebrities

A 20 year old suspect has admitted responsibility for the data-breach that shook German politics last week.

The unnamed individual claimed to have gathered and published hundreds of documents containing private information of German politicians, celebrities and other public figures.

An official spokesperson said that while he was technically sophisticated, he had no formal education in IT. Reports indicate that he had taken advantage of various security flaws in the systems of federal agencies, as well as systems used by private individuals. He also collected information from publicly available sources.

The documents were published in December, but only gained wider attention in the new year.

Distributed via a Twitter account, the information includes personal phone numbers, credit card details, ID cards, email addresses, home addresses, confidential party documents, family photos and even private family chats.

Victims of the leak include several high-profile politicians such as Chancellor Angela Merkel and President Frank-Walter Steinmeier.

The wide range of data has prompted speculation that it has been gathered by multiple individuals, but the suspect claimed that he worked alone.

He said his motive was annoyance at public statements made by politicians and other public figures. He targeted all major German parties except for the AfD.

German government and security agencies have been widely criticised for not taking cyber criminality serious enough.

The government's information and security agency was already notified about a data breach in December, but dismissed it as a one-off incident.

Popular newspaper Der Spiegel defended the decision claiming that social media pages are no responsibility of the agency which is primarily tasked with securing the operational network of the government.

The government is now debating steps that can be taken to prevent a reoccurrence. One of the ideas being debated is legalising the right to ‘hackback', which could enable federal agencies to attack the infrastructure of hacker's servers.