On Monday evening, the Sahra Wagenknecht Alliance (BSW) warned members of a possible data leak in a newsletter. The trigger was apparently also inquiries from the Correctiv editorial team to party members. The Correctiv editorial team informed the party by email “that Correctiv has personal data,” wrote deputy chairwoman Amira Mohamed Ali in the newsletter to supporters. The approximately 70,000 subscribers to the newsletter are affected.
Advertisement
BSW: “Targeted attack”
The party assumes that this is a targeted attack on the IT infrastructure and that the data of around 70,000 people is affected, a BSW spokesperson confirmed to heise online. No further details are available yet. “All potentially affected parties and the responsible data protection officers have already been informed, and a criminal complaint has been filed.” The party is calling on Correctiv to “stop using the illegally acquired data to bother our members and supporters with questionnaires.”
According to the BSW, those affected by the leak were contacted by Correctiv employees. “Unfortunately, it currently looks as if the Sahra Wagenknecht alliance has once again become the target of a cyber attack,” the spokesperson explained. “We learned of this, among other things, from victims in the BSW circle, whose email addresses and telephone numbers received dozens of inquiries from the Correctiv research network.” In March, the BSW confirmed a data leak that is said to have affected around 35,000 people. It is unclear whether there is a connection between the two incidents.
Origin of data unclear
It also remains unclear where the data comes from. Correctiv does not provide any information on this. When asked by heise online, the Correctiv editorial team simply referred to an article that had already been published about the financing of the BSW. In another article published on Tuesday, Correctiv confirmed that the editorial team “has” a data set that contains “membership lists and information on supporters and so-called state representatives”. This data was “apparently unprotected on the Internet”. Correctiv says it “contacted more than 150 people on Monday” who were affected and asked whether they had already been informed by the party about the leak.
The personal data of subscribers to a party newsletter are likely to be subject to the special protection of Article 9 of the European General Data Protection Regulation (GDPR). This only allows the processing of personal data that reveals “political opinions” or “ideological beliefs” under narrowly defined conditions. A leak or the unauthorized processing of this data is considered a serious incident.
Update
27.08.2024,
20:15
Clock
Correction: Correctiv apparently mistakenly responded to a request from heise online with a link to its own article about party donations from the BSW. This gave the impression that the leak was related to research into party donations. This connection has been removed from our article. Correctiv has since published an article about the leak, from which information has been added in the penultimate paragraph.
(dmk)
