German Bundestag President Targeted in Signal Phishing Attack
German Bundestag President Julia Klöckner, the second-highest-ranking official in Germany, was among the victims of a recent cyberattack targeting the encrypted messaging app Signal. According to a Der Spiegel report, hackers compromised Klöckner’s device as part of a broader phishing campaign against European politicians in recent months.
The attack specifically targeted a Signal group chat involving Klöckner and members of the Christian Democratic Union (CDU) executive board, which includes Chancellor Friedrich Merz. While German domestic intelligence found no evidence of Merz’s phone being breached, at least one other CDU lawmaker was also affected.
The incident follows warnings from European cybersecurity agencies in early April about a Russian-linked phishing scheme. Hackers posed as a fake Signal support chatbot to deceive users into disclosing their PIN codes. Germany’s domestic intelligence service had issued a similar alert in February.
The European Commission has recommended Signal for non-work-related communications since 2020, though the app’s growing use among officials has made it a prime target for cyber espionage. Both the Bundestag and the CDU declined to comment on the breach, citing security concerns.
Source: https://www.politico.eu/article/hackers-attack-phone-of-german-parliament-president-julia-klockner/
Deutscher Bundestag cybersecurity rating report: https://www.rankiteo.com/company/deutscher-bundestag
Hoover Institution, Stanford University cybersecurity rating report: https://www.rankiteo.com/company/hoover-institution-at-stanford-university
"id": "DEUHOO1776896787",
"linkid": "deutscher-bundestag, hoover-institution-at-stanford-university",
"type": "Cyber Attack",
"date": "4/2026",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'customers_affected': 'Politicians and staff',
'industry': 'Government/Public Sector',
'location': 'Germany',
'name': 'German Bundestag (CDU)',
'size': 'Large',
'type': 'Government/Political Organization'},
{'industry': 'Government/Public Sector',
'location': 'Germany',
'name': 'Julia Klöckner',
'type': 'Individual (Politician)'},
{'industry': 'Government/Public Sector',
'location': 'Germany',
'name': 'CDU lawmaker(s)',
'type': 'Individual (Politician)'}],
'attack_vector': 'Fake Signal support chatbot',
'data_breach': {'sensitivity_of_data': 'High (political communications)',
'type_of_data_compromised': 'Messaging communications'},
'description': 'German Bundestag President Julia Klöckner and other European '
'politicians were targeted in a phishing campaign against the '
'encrypted messaging app Signal. Hackers compromised '
'Klöckner’s device and accessed a Signal group chat involving '
'CDU members, including Chancellor Friedrich Merz. The attack '
'was part of a broader Russian-linked phishing scheme using a '
'fake Signal support chatbot to steal PIN codes.',
'impact': {'brand_reputation_impact': 'Potential reputational damage to '
'affected political entities',
'data_compromised': 'Signal group chat messages',
'systems_affected': 'Mobile devices of targeted politicians'},
'initial_access_broker': {'entry_point': 'Fake Signal support chatbot',
'high_value_targets': 'European politicians, CDU '
'members'},
'motivation': 'Cyber espionage',
'post_incident_analysis': {'root_causes': 'Social engineering (PIN disclosure '
'via fake chatbot)'},
'references': [{'source': 'Der Spiegel'},
{'source': 'European cybersecurity agencies'},
{'source': 'Germany’s domestic intelligence service'}],
'response': {'communication_strategy': 'Declined to comment citing security '
'concerns'},
'threat_actor': 'Russian-linked hackers',
'title': 'German Bundestag President Targeted in Signal Phishing Attack',
'type': 'Phishing',
'vulnerability_exploited': 'Social engineering (PIN disclosure)'}