The headline across Germany on 5 January 2019 was the news that a hacker has targeted and released private data on German chancellor Angela Merkel and other senior German lawmakers and officials.
The breach apparently happened in November 2018 but was only disclosed publicly this week - January 2019.
Germany’s Federal Office for Information Security said in a statement that it was “extensively investigating” the breach, but does not believe there was an attack on the government’s networks.
It’s not the first time that the German parliament has faced security issues. In 2015, attackers stole gigabytes of data on lawmakers, which Germany’s domestic spy agency later accused Russia of being behind the breach.
One wonders when the authorities and regulators themselves, who are also policy makers and have a much wider pool of resources as compared to the private sector got hacked, how does these same people who proposed and determined the policies, expects the private sector who has much less resources, protect and secure themselves from a breach?
Unlike the breach in 2015, this time, the breach happened when the GDPR was already in force - July 2018.