In a significant cybersecurity incident, Germany has reported the largest data breach in its history, involving the compromise of approximately 18 million email accounts. This breach, executed by unauthorized hackers, has led to the theft of usernames and passwords, raising serious alarm about the security of personal information.
The breach came to light following a report by German media outlet Der Spiegel, which noted that German authorities had uncovered this massive hacking of sensitive data belonging not only to German citizens but also to various international internet companies.
Authorities from the northwestern city of Verden disclosed that the breach revealed a trove of personal data, including about 18 million compromised email addresses and their associated passwords. This follows closely on the heels of another major incident reported just two months earlier, which involved the theft of 16 million email accounts, uncovered during research involving a malware-infected botnet.
It is believed that the same group of hackers executed both data thefts, possibly operating from one of the Baltic countries, according to reports from Der Spiegel. The initial access to the accounts appears to align with tactics recognized in the MITRE ATT&CK framework, hinting at methods such as phishing or exploiting insecure credentials to achieve unauthorized access.
Moreover, investigations have indicated that some of the compromised accounts have been actively utilized for spamming and are linked to e-commerce platforms. This highlights the risks associated with such data breaches, where hackers can manipulate stolen credentials to gain financial access to victims’ accounts. German authorities have responded by urging individuals to implement stronger security protocols, recognizing the heightened risk posed by the misuse of these compromised records.
“It is suspected that these stolen records are being actively misused,” stated Lutz Gaebel, spokesman for the prosecutor’s office in Verden. Investigators have yet to fully disclose how the attackers infiltrated such a vast network of personal data, and ongoing efforts are aimed at understanding the origins and scope of this breach.
Preliminary estimates suggest that at least three million of the compromised accounts belong to German citizens, with additional accounts potentially linked to international email domains. This raises concerns that the actual scale of the compromise may be much greater than currently understood, as investigations continue to unfold.
In response to this alarming security event, the German prosecutor involved in the investigation has initiated discussions with the Federal Office for Information Security (BSI) to enhance protective measures for users at risk. This proactive approach aims to safeguard personal information amid a growing trend of sophisticated cyber threats.