A 20-year-old man has made a “comprehensive” confession that he was behind a data breach affecting hundreds of high-profile Germans, police say.
Styling himself “G0d”, he published private information about politicians, journalists, and celebrities on Twitter, under the username @_0rbit.
Investigators said the man was still in education and living with his parents.
The suspect said he acted alone and out of annoyance at statements made by the public figures he attacked.
Some 1,000 people were affected including German Chancellor Angela Merkel.
Politicians from every major political party except for the far-right AfD were targeted, although investigators said they had yet to find evidence of the suspect’s political inclinations.
What do we know about suspect?
Germany’s federal criminal police (BKA) said the information published online included telephone numbers, addresses, credit card data, photographs, and private communications.
Investigators said the German citizen they arrested had co-operated and led them to evidence they may not have found without help. Police are also still investigating seized computer hardware.
In a statement, the BKA said he was detained after a search of his home in the state of Hesse on Sunday. He is accused of spying and the unauthorised publication of data.
His provisional arrest, however, was lifted on Monday evening. He was released “due to a lack of grounds for detention”, police said. They took into account both his age and his co-operation.
The @_0rbit Twitter account has been suspended since coming to widespread attention late last week. Before then, it published the leaked information in an “advent calendar event” each day in December.
Its biography had described itself as involved in “security research”.
Who was targeted in the breach?
Of the almost 1,000 politicians, celebrities and journalists affected by the leak, some 50 attacks were “more serious”, involving private correspondence or photos, officials said.
Among those affected were:
- Chancellor Angela Merkel: her email address and several letters to and from the chancellor appear to have been published
- The main parliamentary groups including the ruling centre-right and centre-left parties, as well as The Greens, left-wing Die Linke and FDP. Only AfD appears to have escaped
- Greens leader Robert Habeck, who had private chats with family members and credit card details posted online
- Journalists from public broadcasters ARD and ZDF as well as TV satirist Jan Böhmermann, rapper Marteria and rap group K.I.Z, reports say
- Another TV satirist, Christian Ehring, is said to have had 3.4 gigabytes of data stolen and posted online, including holiday photos. Last year he won a court case brought by AfD leader Alice Weidel, who complained when he called her a “slut” on his TV show.
- Centre-left SPD MP Florian Post said he felt “quite shocked” by the leak of account statements and other details online, but he added that at least one file that had been posted was fake.
The fallout has created widespread alarm politically. Robert Habeck, leader of the Greens, deleted both his Twitter and Facebook accounts on Monday after being affected by the data breach.
Germany’s Interior Minister Horst Seehofer was due to give further details about the fallout from the data breach.
How did the data breach happen?
The suspect has told police he acted alone. Initially, it was suggested that the information could have been leaked by a person with genuine access to the records through their work.
But on Saturday the BSI information security agency said that a member of German parliament had reported suspicious activity on their email account in early December.
It was assumed to have been an isolated case at the time, the agency said in a statement – and was linked to the @_0rbit leaks only when the account’s existence became known.
A cyber analyst told the BBC there was speculation that hackers might have exploited weaknesses in email software to get hold of passwords that those targeted had also used on social media accounts.
German officials also said there was no evidence to suggest that government systems had been compromised.
Nonetheless, the scandal has prompted calls for action to improve cyber-security practices.