Politician Hack: This is how large parts of the data were collected!


The whole of Germany is puzzling about the politician Hack, the origin of the stolen data, its purpose and above all about the perpetrators. One thing is already certain: the perpetrator or perpetrators have gone to a lot of trouble.

They have collected data, categorized, sorted and marked victims according to their interest in the attack. But where did the data come from? They are too extensive for a single phishing attack. We set off on a search.


Deep Dive ins Darknet – Suchmaschinen, Browser und Nutzen!

Jetzt kostenfrei zum Webinar anmelden und am 29.01.2021 von 10:00 – 10:30 Uhr teilnehmen.



The origin of the data is diverse – but the problem is the same.

We looked at the extent of the stolen data and puzzled over its origin. For a targeted (spear-) phishing attack like the one we carry out to sensitize employees*, the amount of data is simply too large and widely scattered.

Finally, it contains data from the private address of the politicians to the mobile phone number, bank data and chat protocols. But in addition, some of the pictures and clear names of the new generation are also available for download.

The question is currently omnipresent –
where did the data come from the politician Hack?

A line test (n>20) showed that all checked accounts already occurred in data thefts at that time. In some cases, information such as the password was or is still available in plain text on the Internet – and not only in the data record, which is now being hotly discussed. With the help of this data, the bridge to other platforms, services and accounts can be built without much effort. Same password? Big problem!

And even if no password has been stolen, in some cases the security issues have been stolen. In the end, many roads lead to Rome. Our Live Hackings have been showing this for years. The technical vulnerability of many websites is responsible for the current hacker attack.

Who has a long breath, and the attacker/the attacker – as you have proven – can collect, categorize and abuse data. In this case, the data was made available to the public. From our point of view, it’s a Grey Hat hacker’s procedure.

The stolen data from the politician Hack are explosive and pave the way for further hacks.

The dataset is a steep template for further fraud scams. At this point we do not want to go any further into the possibilities of abuse. The only advice we can give at this point is:

  1. Change passwords
  2. Change security questions
  3. Enable two-factor authentication
  4. Delete/ discard old sessions

The first step is to put a stop to the freeloaders of this world.

Public information remains public. The available Pastebins have long been copied several times. The attackers have shown society the problem and the potential scope of data theft. Now it becomes time the homework to settle: Awareness increase, the handling train and the infrastructure secure.




Now it met “only” few humans. Out there are millions more people who do not know that their data has been stolen. Data that can be used to compromise their digital identity.


Sevencast – der IT-Security Podcast

Von unterwegs, im Büro oder zu Hause hören und auf dem aktuellen Stand bleiben!

Sevencast bei Spotify
Sevencast bei Apple Podcast
Sevencast bei Overcast


Leave a Comment