According to party sources, the serious cyber attack on the CDU network also affected data belonging to chairman Friedrich Merz. During the investigation, the CDU was informed that “data from the party chairman’s calendar had been leaked,” a CDU spokeswoman told the German Press Agency on Thursday. No further details were given, citing ongoing investigations.
The North Rhine-Westphalia State Office of Criminal Investigation and the North Rhine-Westphalia Central Cybercrime Contact Point have begun investigations, the spokeswoman said. The background to this is that the federal party’s IT subsidiary is based in North Rhine-Westphalia.
The cyber attack on the CDU became known at the beginning of the month. The Federal Office for the Protection of the Constitution and the Federal Office for Information Security then began investigations. As a precautionary measure, parts of the party’s IT infrastructure were taken offline and isolated. According to earlier information, the central membership file was also affected.
Shortly after the incident became known in early June, Merz said that it was the most serious attack on an IT structure that a political party in Germany had ever experienced. These were massive and highly professional attacks. “We must defend ourselves against this with everything at our disposal,” said the CDU leader. Due to the ongoing investigations, no information was initially available on the extent of the damage or the attacker.
The SPD was also the victim of a cyber attack last year. At that time, email accounts at the party headquarters were hacked. The federal government blames a unit of the Russian military intelligence service for this attack. At the beginning of May, the Foreign Office summoned a high-ranking Russian diplomat and recalled the German ambassador in Moscow, Alexander Graf Lambsdorff, to Berlin for a week for consultations.