Germany blames Russia for Bundestag cyberattack as US breach hits 5.6 mn

The German government has openly accused Russia of orchestrating a cyberattack against the Bundestag, Germany’s federal parliament, in a move that sharpens already tense relations.

The attack knocked out parliamentary email systems for more than four hours and landed at a sensitive moment, during Ukrainian President Volodymyr Zelenskyy’s official visit to Berlin.

German officials say the timing was no coincidence. Zelenskyy was in the Bundestag for high-level talks with senior political figures, including President Julia Klockner, as Ukraine presses allies for deeper backing in its war with Moscow.

According to Berlin, the disruption fits a pattern of attempts to interfere with diplomatic engagement and complicate discussions around military support.

The incident unfolded as Zelenskyy intensified efforts to secure additional assistance, including artillery, from Germany.

His outreach followed stalled talks with former US President Donald Trump, which failed to produce meaningful commitments.

Berlin has now become a central pillar in Kyiv’s diplomatic strategy, and German officials see the cyberattack as an effort to inject friction into that process.

The accusation against Moscow came only days after Germany levelled another charge, this time aimed at Russia’s military intelligence service, the GRU.

German authorities say the GRU ran a disinformation campaign designed to influence the 2024 federal elections. Investigators link the operation to Fancy Bear, a hacking group long associated with Russian intelligence services.

Taken together, the incidents reinforce Berlin’s view that Russia is pursuing a sustained campaign to destabilise Germany through cyber operations and information warfare.

According to Beinsure, officials describe the actions as coordinated pressure rather than isolated events, with both foreign policy and domestic politics in scope.

Across the Atlantic, a separate cybersecurity crisis has unfolded with far-reaching consequences.

700Credit, a US-based credit monitoring and financial services provider, confirmed a data breach that exposed personal and financial information tied to more than 5.6 mn individuals.

Attackers gained access through a third-party API, opening the door to highly sensitive records.

The compromised data includes credit card details, dates of birth, Social Security numbers, home addresses, and full names.

According to the company, the breach traces back to a partner’s server, which was infiltrated first, then used as a pathway into 700Credit’s systems.

The incident reportedly occurred in July, yet notification came much later. That delay gave attackers ample time to extract data, raising concerns about how long the information may have circulated before detection.

For affected consumers, the exposure creates immediate risks around identity theft and financial fraud.

700Credit has offered two years of free credit monitoring and access to a complimentary credit report to those impacted.

The firm also established a dedicated support hotline to handle questions and guide consumers through protective steps. It’s a familiar response, though one that does little to reverse the damage already done.

The breach underscores a recurring weakness in financial and data services – third-party integrations that extend functionality while quietly expanding attack surfaces.

According to Beinsure analysts, incidents like this continue to show how vendor risk, not internal controls, often becomes the decisive failure point.

For millions of individuals, the fallout now stretches well beyond the initial breach window. Fraud risk doesn’t expire neatly. It lingers.