German cyber defence agency defends handling of far-reaching data breach

Germany's BSI cyber defence agency on Saturday defended its role in responding to a far-reaching data breach, saying it could not have connected individual cases it was aware of last year until the entire data release became public.

The government said on Friday that personal data and documents from hundreds of German politicians and public figures had been published online, in what appeared to be one of Germany's most far-reaching data breaches.

The story has shocked the establishment and prompted calls for security agencies to clarify whether any security deficiencies they were aware of had been exploited.

The BSI said in a statement that it had been contacted by a lawmaker in early December about suspicious activity on their private email and social media accounts.

"Only by becoming aware of the release of the data sets via the Twitter account 'G0d' on Jan 3, 2019, could the BSI in a further analysis on Jan. 4, 2019 connect this case and four other cases that the BSI became aware of during 2018," it said.

"At the beginning of December 2018, it was not foreseeable that there would be more cases."

Investigations so far showed the data breaches predominantly concerned private and personal accounts, the BSI said, adding: "The BSI is responsible for the operational protection of government networks."