BERLIN — A young German man admitted to stealing and publishing online the personal data of hundreds of lawmakers, journalists and other public figures out of anger at their political statements, the authorities said Tuesday.
They did not give any information about the political views of the 20-year-old suspect, who they said had acted alone. But the cyberattack targeted members of every leading political party except the far-right Alternative for Germany, or AfD.
The leaked information — which included private email addresses, credit card information, personal chat exchanges and pictures of the subjects’ children — was available for a month before the federal cybersecurity services noticed it. The attacks fueled a new round of alarm in Germany, a country where citizens especially covet their privacy.
The suspect was detained on Sunday on suspicion of spying and illegally publishing personal information, but has since been released, said Georg Ungefuk, a prosecutor with the office that investigates cybercrimes. The suspect’s name was not made public.
“In the course of the interrogation, the suspect confessed to acting alone in spying and illegally publishing the data,” Mr. Ungefuk said. “Regarding his motivation, the suspect said that he was angry with the public statements of the targeted politicians, journalists and public personalities.”
Officers searched the home of the man, a student who lives with his parents in the central state of Hesse, on Sunday, Mr. Ungefuk said.
Two days earlier, the authorities were alerted to the hacking attacks, which were announced on Twitter in November and were published in a series of links beginning on Dec. 1. The authorities said they were still evaluating hard drives and personal papers confiscated in the raid.
Almost 1,000 people were targeted by the hacking attack, but sensitive personal information was released in only 60 or so cases, the authorities said.
Opposition lawmakers have criticized security officials and Chancellor Angela Merkel’s interior minister for failing to discover the incursion until nearly a month after the information was first published online. The hacker released the information through links and passwords posted on Twitter in the form of an Advent calendar, where a window is opened each day leading up to Christmas, revealing a treat.
Early postings involved the personal information of rappers, journalists and YouTube video bloggers, but from Dec. 20, information on members of five of the six political parties with seats in the German Parliament was released. It was not clear why AfD politicians were spared.
The attack raised new questions about whether the government had structures in place to adequately help users safeguard their computers and sensitive personal information
Katarina Barley, the justice minister, said her office was looking into whether it made sense to further tighten the country’s already strict privacy laws, or those requiring software providers and companies running internet platforms to respond more swiftly to requests for data to be taken down.
“We are examining whether tightening the laws would make sense or be necessary,” Ms. Barley said. She also encouraged Germans to use strong passwords and two-step verification to access to their online accounts.