Overview
- Investigators say the group tried to access over 20,000 agency accounts between January 30 and March 19, succeeded in about 1,000 cases and changed bank details in more than 150.
- The scheme surfaced after a jobcenter employee noticed anomalies on a deceased client’s file, prompting the agency to alert Bavarian cybercrime authorities and temporarily restrict some online functions in March.
- Coordinated searches on October 8 across multiple states yielded datadrives, cash, weapons and narcotics that police say link the eight suspects, aged 36 to 61, to the attack.
- Two suspects are in custody on separate drug-trafficking allegations, while investigations into alleged commercial computer fraud continue.
- Officials attribute the credential theft to compromised private devices, and two-factor authentication has been mandatory since April 29, limiting confirmed losses to roughly €1,000 despite potential for far higher sums.