Enlarge image
Headquarters of the district administration of the district of Anhalt-Bitterfeld: The ransomware attack hit the administration hard
Photo: Klaus-Dietmar Gabbert / picture alliance / dpa
The severe hacker attack on the district administration of Anhalt-Bitterfeld hits numerous MPs personally.
As far as we know, the criminals have published personal data of 92 people in the so-called Darknet;
According to SPIEGEL information, 42 of them are members of the district council.
According to a letter from the district administration, the unknown perpetrators published cell phone numbers, private addresses, bank details and names of previous employers, among other things.
"Possible consequences of the publication can include payment and shipping fraud, identity theft, spam campaigns or targeted phishing attacks," says the letter signed by District Administrator Andy Grabner.
He recommends that those affected change their personal access data as a precaution.
At the beginning of July, criminals infected several servers in the district with malware; for the release of encrypted data, they are demanding a ransom of a previously unknown amount.
All three administrative locations in Köthen, Bitterfeld and Zerbst are affected, and the district then declared the disaster.
The attackers presumably exploited a security hole in the Windows print function that was discovered in early July and was closed by Microsoft a short time later.
The perpetrators infected the servers with so-called ransomware and encrypted the data.
The documents now published on the Darknet are, among other things, minutes of committee and district council meetings - also from the non-public part.
According to the district, specialists from several federal and state authorities are busy "analyzing, identifying and fighting the virus".
The employees of the district administration receive support from the Federal Office for Information Security (BSI) and from the so-called cyber and information room of the Bundeswehr.
In the meantime, the district administration, which was initially unable to pay out social benefits or receive emails, is again able to work to a limited extent.
Other municipalities have taken on some tasks.
There is also a hastily set up »emergency infrastructure«.
According to the district, several weeks will pass before all employees can work with a new IT system.
District Administrator Grabner, who only took over official business a few days after the hacker attack, had already spoken in July that it could take up to six months until normal conditions were restored.