Helge Lindh actually wanted to take care of refugees in distress when Saskia Esken received an SMS. “I’ve just been to Malta and about to do that Sea-Watch to enter “, says the SPD member of the Bundestag from Wuppertal. From that moment on, his first concern was no longer the refugees, to whose rescue the ship set out: He had to recapture his own digital life, which was suddenly floating around in public on the net.
His party colleague, the Internet politician Esken, told him that he was the victim of a digital exposure that the country had never seen before. His private mail, including attachments, was online, including documents from refugees Lindh had supported: notices from the job center, copies of passports.
Not only Lindh’s data were suddenly freely available on the Internet in December 2018, but those of more than 1000 people: politicians, Youtubers, journalists. They were put online under the pseudonym “Orbit”. Whoever downloaded and unzipped the data set could click through addresses, telephone numbers, e-mails, debit cards or holiday photos, and private chats were also included. Investigators frantically tried to find the source for several days. Had political Berlin been hacked? Maybe even from a foreign secret service?
A long list of allegations
Oh no. Behind the pseudonym “Orbit” was a 20-year-old student from Central Hesse who was arrested on January 6, 2019. What drove him is to be clarified from this Wednesday on in the Alsfeld district court. The now 22-year-old is charged with collecting and publishing the data. The list of allegations is long: it is about “spying on and changing data”, data theft, but also about the pretense of criminal offenses. In addition, he is said to have blackmailed six members of the Bundestag: either they paid 900 euros in the digital currency Bitcoin, or he published their personal data.
Because the accused was still a minor at the time of some of the offenses, the trial takes place in camera. According to the public prosecutor’s office, “educational measures, discipline or juvenile punishments” are possible punishments – if the judge opts for juvenile criminal law.
The defendant’s lawyer lets the court know that he does not want to comment. The motive for the acts remained unclear in six interrogations. But there are indications that the defendant has continued to move to the right. This is what people reported from the scene in which he was moving. In an interrogation he expressed anger according to the Frankfurt public prosecutor’s office at the statements of the politicians whom he had targeted. It fits in with the fact that the AfD was the only party from the Bundestag to be spared and that journalists who are known for researching right-wing extremists appear in its data set.
More like a doxing than a hacker attack
The court will also try to clarify which accounts “Orbit” hacked and which records he bought. A large part of the data was already lying around publicly on the Internet or came from older break-ins in online accounts. The account of MP Lindh, for example, was hijacked in March 2018. Political Germany was not so much hacked as it was “doped”. The word doxing is derived from “documents” and means that digital files about people are created and published. The perpetrators collect information via search engines, for example, or crack poorly secured e-mail or social media accounts.
The data did not reveal any scandals, but those affected still felt the consequences. Lindh tells how threatening phone calls increased after the release. Nazis from Mecklenburg-Western Pomerania published his correspondence with refugees in order to slander him as a helper in an “invasion”. To this day he has received threat messages referring to the “800 megabytes” of the data set.
“I don’t see this as a minor offense, because there were death threats and insults and third parties were also affected,” says Lindh. A Syrian family he had contact with was harassed. The tricky thing about doxing is that it not only affects the people whose data is published, but everyone with whom they have exchanged digital information. Their numbers, addresses and emails are also made public.
One of the victims was also the Greens chairman Robert Habeck, who found his bank details and e-mail addresses on the net, chats with his wife and sons from the family account, and private photos. At the time, he was particularly troubled by the fact that his wife’s professional mail exchange had been dragged to light. “Of course the data breach is still deep in my bones and in my family,” he says today. “Half of the journalistic Berlin was able to read how I talk to my children and my wife.” The “break-in” made him “the vulnerability of the private and personal drastically clear”.
Allegations to the federal government
Anke Domscheit-Berg was not poisoned by “Orbit”, but the case still occupies the Bundestag member and network politician of the Left to this day. Although doxing is a form of digital violence, the federal government ignored the topic for a long time – because it mainly affects women and activists, she says. “There is hardly any advice, hardly any offers of help. But we need protection for the general public. After all, that happens every day to any model woman. Nevertheless, nothing happened, apart from the fact that the new law against hate crime is supposed to make it easier for people at risk to block information in the population register. This is not how strangers should simply get address data.
For Domscheit-Berg, the “Orbit” case is evidence of a lack of digital competence even in high politics. Many victims’ accounts were poorly protected. Helge Lindh has meanwhile upgraded, he uses two-factor authentication, which is considered to be an effective protection against account transfers from a distance. Having been poisoned once – that’s enough.