The BBC has reported no less than 16 million German email addresses stolen, and account passwords stolen as well by hackers. The hackers infected the computers of the victims which in turn registered those victims in a network from where their data could be stolen.
The German Federal Office of Security (BSI, Bundesamt für Sicherheit in der Informationstechnik) is investigated the matter, but no sign yet of any details of where the theft has originated from. The agency has created a website to check whether you have been hacked or not. The website can be found here. On the first day more than 300,000 people had already visited the website. With this many German email addresses stolen, it seems that the hackers have been executing their theft quite professionally.
German news site Bild (Google Translate version of article) notes that when a match is made with an email address that is entered on that website, an email will be sent to that email address. That email contains tips on what to do: if a match is made the chances are pretty high that the email address owner’s computer is infected.
The fact that more than half of the stolen email addresses ended with .de provided the insight that the attack was aimed mainly at German email address owners. 16 million addresses would cover about one fifth of the total german population.