Cyber Incident Victim: Bündnis Sahra Wagenknecht
Date:
Jul 2024
Location:
Germany
Summary
A cyberattack compromised the Bündnis Sahra Wagenknecht political party, resulting in unauthorized access to a dataset containing information on approximately 70,000 individuals. The party's federal manager confirmed the breach via internal communications, noting that affected persons were being directly contacted by the research network Correctiv, which obtained the stolen data. This incident follows a prior similar security breach against the same organization.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On August 1, 2024, the political party "Bündnis Sahra Wagenknecht" (BSW) disclosed a cyberattack resulting in the compromise of internal data containing information on approximately 70,000 individuals. Bundesgeschäftsführer Lukas Schön notified members and supporters via a circular email the previous evening, confirming unauthorized access to party systems. The stolen dataset included personal details of supporters, though specific data categories were not enumerated in available reports. A BSW press spokesperson independently verified the breach to Cicero Online, acknowledging the security incident. This marked the second known compromise within five months, following a similar event in March 2024, though the relationship between the two incidents remains unspecified.
The research network Correctiv obtained the dataset and initiated direct outreach to affected individuals, confronting them with questions derived from the stolen information. BSW leadership began notifying impacted parties through official channels, though the notification methodology and remediation measures were not detailed publicly. The breach exposed vulnerabilities in the party's data protection framework, given its recurrence within a short timeframe. Operational consequences included potential reputational damage and loss of stakeholder trust, compounded by external interrogation of supporters without BSW oversight. No threat actor attribution, intrusion vectors, or financial impacts were disclosed in the available reporting.