Last week, it was announced that during December 2018 almost one thousand German public figures, including journalists and a number of prominent politicians including the Chancellor and President, were the subject of one of Germany's largest data breaches. The leaked data included contacts, private chats, credit card details and other financial details of figures from many of the major German political parties. The German interior ministry have since stated that there is no evidence that government systems or data have been compromised in the cyberattack.On 8 January 2019, a 20 year-old man was arrested in connection with the cyberattack; it has been reported that he was able to access such a large amount of data since the data subjects affected did not use sophisticated passwords.
The German cybersecurity authority (the Federal Office for Information Security) has been criticised for its handling of the cyberattack and resultant data breach and for not informing the police in a timely manner. Responding to the data breach, Horst Seehofer, the German interior minister, has announced that he intends to propose a new IT security law, a draft of which may be presented to the German cabinet within the coming months. It remains to be seen what the contents of the draft bill are, but its very existence is a sign of the increasing importance European governments are placing on cyber and data security.
Disclaimer
The articles published on this website, current at the dates of publication set out above, are for reference purposes only. They do not constitute legal advice and should not be relied upon as such. Specific legal advice about your specific circumstances should always be sought separately before taking any action.