German Bundestag Chief’s Signal Account Hacked in Ongoing Phishing Attack Targeting Officials
Phishing campaign compromises Signal accounts of top German politicians, exposing party leadership communications including Chancellor Friedrich Merz.
The Signal messaging account of Julia Klöckner, Chair of the German Bundestag and Vice Chair of the Christian Democratic Union (CDU), was compromised in a phishing attack, raising concerns about cybersecurity within Germany's political elite.
According to a report from Der Spiegel on April 22, the attack is part of a persistent phishing campaign targeting Signal users over recent months, with Russian hackers suspected of orchestrating these breaches. Klöckner's Signal account was not only personal but also connected to a private group chat involving the CDU presidium, including Germany's Chancellor and CDU Chairman, Friedrich Merz.
Impact on CDU Leadership and Broader Political Security
The hack reportedly affected communications within the CDU presidium's group chat on Signal. CDU spokespersons confirmed that the breach extended to this key party leadership forum. The Federal Office for the Protection of the Constitution (BfV) promptly informed Chancellor Merz of the intrusion and conducted a thorough examination of his device, finding no evidence of compromise.
“It must be assumed that perpetrators are currently covertly harvesting data from numerous parliamentary group chats on Signal,” reads a confidential 20-page BfV briefing distributed to parliamentary faction leaders and party executives on April 21.
Despite media reports, Klöckner’s representatives have neither confirmed nor denied the hacking incident, emphasizing parliamentary security protocols that typically withhold sensitive information related to critical infrastructure.
The briefing further warns that multiple high-ranking officials have already been victimized, suggesting the true scale of breaches is likely significantly larger than publicly acknowledged. German intelligence agencies estimate that at least 300 individuals have suffered from hacker activities targeting politicians, military personnel, diplomats, and investigative journalists.
In response, the Federal Office for Information Security (BSI) and BfV have issued detailed guidance aimed at mitigating phishing risks amid this wave of cyberattacks, highlighting the need for heightened vigilance among government and political figures.
This incident underlines the growing threat posed by cyberespionage against political institutions and the challenges of securing communication platforms widely adopted by officials worldwide. As Germany approaches critical political junctures, safeguarding confidential communications remains a paramount concern.
