Hacker had broad access to user data on servers Pirate Party

A hacker who gained access to Pirate Party servers probably stole much more data than just the membership administration. Databases of the forum, the webmail service and Etherpad were also freely accessible to the unknown attacker.

The Pirate Party reports this on its website after an initial ‘quick scan’. According to the party, an initial inventory shows that the attack by a hacker went much further than access to the membership file. Services such as the forum, webmail and Etherpad, which allow multiple users to work on documents, should also be considered affected.

The Pirate Party also reports that the membership administration did contain name and address details and e-mail addresses, but that no bank details were stored. An affected ldap server gave the attacker access to data such as username, name and email address. Passwords would not have been seen and, moreover, were encrypted.

According to the political party, members and users of its services should be aware of phishing emails and other attack methods in the near future. The Pirate Party is also strongly advised to change passwords and to share any suspicious emails that appear with the board of the party.

On Monday, it was announced that the servers of the Pirate Party were attacked last Sunday while the political movement had called a general meeting of members. Initially, it was reported by a board member that at least the membership administration had been approached by the attacker. The party has reported the hack.